The default password hashing algorithm in Debian 12 is yescrypt, which apparently is better able to withstand offline password cracking compared to SHA512.
Currently I get the following message:
99.5.4.5.2_acc_shadow_sha [ KO ] User root has a password that is not SHA512 hashed.
Obviously, this is technically correct. However, considering this is apparently a better hashing algorithm, would it be possible to include this in the checks?
I can also understand this may be something that needs to be reported to CIS itself perhaps, thus this discussion.
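As an added example (not the project's own code and not from the issue author): a shell check that classifies each shadow password field by its crypt(5) prefix, `$6$` for SHA512 and `$y$` for yescrypt, and flags only schemes outside an allowed list. The function names, the `ALLOWED_SCHEMES` variable and the sample entries are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify shadow password fields by crypt(5) prefix.
# ALLOWED_SCHEMES is this example's assumption, not a CIS or project setting.
ALLOWED_SCHEMES="${ALLOWED_SCHEMES:-sha512 yescrypt}"

# Print the scheme name for one shadow password field.
classify_shadow_field() {
    field=$1
    # Leading "!" marks a locked password; the hash (if any) follows it.
    while :; do
        case "$field" in
            '!'*) field=${field#?} ;;
            *) break ;;
        esac
    done
    case "$field" in
        ''|'*') echo "nohash" ;;   # empty or locked: no hash to classify
        '$6$'*) echo "sha512" ;;
        '$y$'*) echo "yescrypt" ;;
        '$5$'*) echo "sha256" ;;
        '$1$'*) echo "md5" ;;
        *) echo "unknown" ;;
    esac
}

# Read shadow-format lines from file $1 and print one KO line per user whose
# scheme is not in ALLOWED_SCHEMES. Returns 0 when every hash passes, else 1.
check_shadow_hashes() {
    rc=0
    while IFS=: read -r user field _rest; do
        [ -n "$user" ] || continue
        scheme=$(classify_shadow_field "$field")
        [ "$scheme" = "nohash" ] && continue
        case " $ALLOWED_SCHEMES " in
            *" $scheme "*) ;;
            *) echo "[ KO ] User $user has a $scheme password hash"; rc=1 ;;
        esac
    done < "$1"
    return "$rc"
}

# Constructed sample in shadow(5) layout; salts and hashes are placeholders.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
root:$y$j9T$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19700:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19700:0:99999:7:::
bob:!$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19700:0:99999:7:::
daemon:*:19700:0:99999:7:::
EOF
check_shadow_hashes "$SAMPLE" || true
```

Setting `ALLOWED_SCHEMES="sha512"` reproduces the strict SHA512-only behaviour, under which the yescrypt-hashed root entry is reported.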