Password

This document describes the configuration options available for enabling password-based user authentication.

🔧 Select Algorithm: PBKDF2

PBKDF2 (Password-Based Key Derivation Function 2) is a key stretching algorithm that enhances password security through repeated hashing. It is a FIPS-approved method and widely supported.


📌 Configuration Parameters

| Parameter | Options / Range | Description |
| --- | --- | --- |
| Hash Function | SHA-256 or SHA-512 | Selects the underlying HMAC hash function. |
| Key Length | Based on hash function: SHA-256 → 32 bytes (256 bits); SHA-512 → 64 bytes (512 bits) | Length of the derived key. |
| Iterations | 300,000 to 600,000 | Number of hashing rounds to slow down brute-force attacks. Higher values improve security but increase processing time. |


✅ Recommendations

  • Preferred Digest: SHA-512 for stronger security, with a key length of 64 bytes.

  • Minimum Iterations: 300,000
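
The sketch below applies the parameters from the table using Python's standard `hashlib.pbkdf2_hmac`. It is an added example, not this product's implementation. The `digest$iterations$salt$key` record format, the 16-byte random salt and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Values taken from the configuration table above.
KEY_LENGTH = {"sha256": 32, "sha512": 64}  # derived key length per hash function
MIN_ITERATIONS, MAX_ITERATIONS = 300_000, 600_000
SALT_BYTES = 16  # assumption: the page does not specify a salt length


def hash_password(password, digest="sha512", iterations=MIN_ITERATIONS, salt=None):
    """Return 'digest$iterations$salt_hex$key_hex' (hypothetical record format)."""
    if digest not in KEY_LENGTH:
        raise ValueError("hash function must be SHA-256 or SHA-512")
    if not MIN_ITERATIONS <= iterations <= MAX_ITERATIONS:
        raise ValueError("iterations outside the documented range")
    salt = salt if salt is not None else secrets.token_bytes(SALT_BYTES)
    key = hashlib.pbkdf2_hmac(digest, password.encode("utf-8"), salt,
                              iterations, dklen=KEY_LENGTH[digest])
    return f"{digest}${iterations}${salt.hex()}${key.hex()}"


def verify_password(password, record):
    """Recompute the key with the stored parameters and compare in constant time."""
    try:
        digest, iterations, salt_hex, key_hex = record.split("$")
        iterations = int(iterations)
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(key_hex)
    except ValueError:
        return False  # malformed record
    # Refuse records whose parameters fall outside the configured policy.
    if digest not in KEY_LENGTH or not MIN_ITERATIONS <= iterations <= MAX_ITERATIONS:
        return False
    if len(expected) != KEY_LENGTH[digest]:
        return False
    key = hashlib.pbkdf2_hmac(digest, password.encode("utf-8"), salt,
                              iterations, dklen=len(expected))
    return hmac.compare_digest(key, expected)


def needs_rehash(record, digest="sha512", iterations=MIN_ITERATIONS):
    """True when a stored record is weaker than the current configuration."""
    stored_digest, stored_iterations = record.split("$")[:2]
    return stored_digest != digest or int(stored_iterations) < iterations
```

Storing the digest and iteration count alongside each derived key lets the configuration be raised later: `needs_rehash` flags older records so they can be re-derived at the user's next successful login.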
