<div dir="ltr"><div><div>Why not use a bcrypt cost of 12, which is what a lot of bcrypt libraries are using for a default nowadays?<br><br></div>There's even some helpful math and data at <a href="https://security.stackexchange.com/questions/17207/recommended-of-rounds-for-bcrypt">https://security.stackexchange.com/questions/17207/recommended-of-rounds-for-bcrypt</a> to show how 12 (at the least) may be a good *minimum* cost.<br><br></div><div>Also, I would look into scrypt. It's been around long enough that it's starting to prove its worth. bcrypt really only worries about CPU cycles, while scrypt takes CPU and RAM into account.<br></div><div><br></div>~reed<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, May 4, 2015 at 1:52 PM, Alex Vandiver <span dir="ltr"><<a href="mailto:alexmv@bestpractical.com" target="_blank">alexmv@bestpractical.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">The branch, 4.2/bcrypt-cost has been created<br>
at 0c5d3842926dcf05fe227d8f8d57f41e517c09b2 (commit)<br>
<br>
- Log -----------------------------------------------------------------<br>
commit 0c5d3842926dcf05fe227d8f8d57f41e517c09b2<br>
Author: Alex Vandiver <<a href="mailto:alexmv@bestpractical.com">alexmv@bestpractical.com</a>><br>
Date: Mon May 4 16:42:03 2015 -0400<br>
<br>
Increase the bcrypt cost by a factor of two<br>
<br>
The bcrypt key derivation function contains a tuning parameter, the<br>
number of "rounds" to run, which allows the same algorithm to have<br>
increased computational cost, to prevent brute force attacks, as<br>
computers grow faster.<br>
<br>
Moore's Law estimates a doubling in the number of transistors every 18<br>
months, which is, in broad strokes, also similar to a doubling in<br>
computational power every 18 months. RT introduced the use of bcrypt in<br>
September 2013; as such, the complexity of key derivation is now due to<br>
be doubled. This is done by increasing the number of rounds by one.<br>
<br>
Old passwords (with lower costs) will still work, but will be upgraded<br>
as soon as a user logs in.<br>
<br>
diff --git a/etc/<a href="http://RT_Config.pm.in" target="_blank">RT_Config.pm.in</a> b/etc/<a href="http://RT_Config.pm.in" target="_blank">RT_Config.pm.in</a><br>
index 7ece63f..a519802 100644<br>
--- a/etc/<a href="http://RT_Config.pm.in" target="_blank">RT_Config.pm.in</a><br>
+++ b/etc/<a href="http://RT_Config.pm.in" target="_blank">RT_Config.pm.in</a><br>
@@ -2071,7 +2071,7 @@ higher numbers denoting greater effort.<br>
<br>
=cut<br>
<br>
-Set($BcryptCost, 10);<br>
+Set($BcryptCost, 11);<br>
<br>
=back<br>
<br>
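</blockquote><div>Review bot: the context of this hunk is the tail of the POD for $BcryptCost ("higher numbers denoting greater effort", then =cut), but the diff changes only the value and leaves that documentation untouched. It should say what the shipped default now is, that each +1 roughly doubles the work per hash, and that passwords stored at a lower cost are re-hashed on the user's next login, as the commit message promises; one or two sentences above =cut would tell an administrator what raising or lowering this setting actually does. A line in the release notes mentioning the new default would also be worth adding, since this is a behavioural change on upgrade.</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">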
diff --git a/t/api/password-types.t b/t/api/password-types.t<br>
index 9eeded4..3278b48 100644<br>
--- a/t/api/password-types.t<br>
+++ b/t/api/password-types.t<br>
@@ -16,11 +16,12 @@ ok($root->IsPassword("password"));<br>
is($root->__Value("Password"), $old, "Unchanged after password check");<br>
<br>
# bcrypt (smaller number of rounds)<br>
+my $rounds = RT->Config->Get("BcryptCost");<br>
my $salt = Crypt::Eksblowfish::Bcrypt::en_base64("a"x16);<br>
$root->_Set( Field => "Password", Value => RT::User->_GeneratePassword_bcrypt("smaller", 6, $salt) );<br>
like($root->__Value("Password"), qr/^\!$default\!06\!/, "Stored with a smaller number of rounds");<br>
ok($root->IsPassword("smaller"), "Smaller number of bcrypt rounds works");<br>
-like($root->__Value("Password"), qr/^\!$default\!10\!/, "And is now upgraded to salted $default");<br>
+like($root->__Value("Password"), qr/^\!$default\!$rounds\!/, "And is now upgraded to $rounds rounds");<br>
<br>
# Salted SHA-512, one round<br>
$root->_Set( Field => "Password", Value => RT::User->_GeneratePassword_sha512("other", "salt") );<br>
<br>
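</blockquote><div>Review bot: the added pattern qr/^\!$default\!$rounds\!/ interpolates the configured cost unpadded, while the earlier assertion in the same hunk shows the stored prefix is zero-padded to two digits (\!06\! for a cost of 6). If BcryptCost is ever set to a single-digit value in a test configuration, this check fails even though the upgrade happened; build the pattern with sprintf("%02d", $rounds) instead. The test also only inspects the prefix after the upgrade, so consider adding ok($root-&gt;IsPassword("smaller"), ...) once more to confirm the re-hashed value still verifies.</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">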
-----------------------------------------------------------------------<br>
_______________________________________________<br>
rt-commit mailing list<br>
<a href="mailto:rt-commit@lists.bestpractical.com">rt-commit@lists.bestpractical.com</a><br>
<a href="http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-commit" target="_blank">http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-commit</a><br>
</blockquote></div><br></div>
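<div dir="ltr">The commit above tunes a single cost integer and relies on re-hashing at login to migrate old entries. The following Perl is an added illustration of that flow, written for this thread; it is not RT's code. It assumes a stored layout of "!bcrypt!NN!" followed by base64 of salt and hash (modelled on the regexes in t/api/password-types.t, not taken from RT::User), a $BCRYPT_COST variable standing in for Set($BcryptCost, 11), and hypothetical helper names (store_bcrypt, is_password, login_and_upgrade, time_cost). It needs Crypt::Eksblowfish::Bcrypt from CPAN, which the test file already uses.</div>

```perl
#!/usr/bin/perl
# Added example (not RT's own code): verify a stored bcrypt password and
# re-hash it at the configured cost on a successful login, which is the
# upgrade path the commit message describes. The "!bcrypt!NN!..." layout is
# an assumption modelled on the test regexes, not RT's actual storage code.
use strict;
use warnings;
use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash en_base64 de_base64);
use Time::HiRes qw(time);

my $BCRYPT_COST = 11;   # stands in for Set($BcryptCost, 11) in RT_Config.pm

# 16 random salt bytes from the OS; the test file uses "a"x16 for determinism.
sub random_salt {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read $fh, my $salt, 16 or die "short read from urandom";
    return $salt;
}

# Hash $password at $cost and wrap it in the stored format. The cost field is
# zero-padded to two digits ("06", "10", "11") so the prefix parses uniformly.
sub store_bcrypt {
    my ($password, $cost, $salt) = @_;
    $salt //= random_salt();
    my $hash = bcrypt_hash({ key_nul => 1, cost => $cost, salt => $salt }, $password);
    return sprintf("!bcrypt!%02d!%s", $cost, en_base64($salt . $hash));
}

# Compare two byte strings without an early exit on the first mismatch.
sub constant_time_eq {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Split a stored value into (cost, salt, hash); empty list if not bcrypt.
sub parse_stored {
    my ($stored) = @_;
    my ($cost, $blob) = $stored =~ /^!bcrypt!(\d{2})!(.+)\z/ or return;
    my $raw = de_base64($blob);
    return (int $cost, substr($raw, 0, 16), substr($raw, 16));
}

# Recompute with the stored cost and salt; the stored cost is what matters
# here, so old low-cost entries keep verifying until they are upgraded.
sub is_password {
    my ($stored, $password) = @_;
    my ($cost, $salt, $hash) = parse_stored($stored) or return 0;
    my $got = bcrypt_hash({ key_nul => 1, cost => $cost, salt => $salt }, $password);
    return constant_time_eq($got, $hash);
}

# Login: verify, then, because the plaintext is only available now, re-hash
# any entry stored at a lower cost than the current setting. Returns the
# (possibly new) stored value, or undef on a bad password.
sub login_and_upgrade {
    my ($stored, $password) = @_;
    return undef unless is_password($stored, $password);
    my ($cost) = parse_stored($stored);
    return $cost < $BCRYPT_COST ? store_bcrypt($password, $BCRYPT_COST) : $stored;
}

# Wall-clock time of one hash at $cost; each +1 should roughly double it,
# which is the "factor of two" the commit relies on.
sub time_cost {
    my ($cost) = @_;
    my $t0 = time;
    bcrypt_hash({ key_nul => 1, cost => $cost, salt => "a" x 16 }, "timing");
    return time - $t0;
}

my $old = store_bcrypt("smaller", 6, "a" x 16);        # legacy cost-6 entry
print "stored:      $old\n";
my $new = login_and_upgrade($old, "smaller");
print "after login: $new\n";                            # now starts with !bcrypt!11!
print "wrong password rejected\n" unless defined login_and_upgrade($old, "nope");
printf "cost %2d: %.3fs per hash\n", $_, time_cost($_) for 10, 11;
```

<div dir="ltr">Two design points worth noting when reading it against the patch: verification always uses the cost recorded in the stored value, never the configured one, which is what lets a deployment raise $BcryptCost without locking anyone out; and the re-hash can only happen inside the login path, because that is the only moment the server holds the plaintext, so accounts that never log in keep their weaker hash indefinitely. The timing loop at the end is the quickest way to sanity-check a chosen cost on the hardware RT will actually run on.</div>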