The Crypt Password Storage Scheme provides a mechanism for encoding user passwords using the UNIX crypt algorithm.
This implementation contains only an implementation for the user password syntax, with a storage scheme name of "CRYPT". Even though it is a one-way digest, the Crypt Password Storage Scheme is relatively weak by today's standards. Because it supports only a 12-bit salt (meaning that there are only 4096 possible ways to encode a given password), it is also vulnerable to dictionary attacks. You should therefore use this storage scheme only in cases where an external application expects to retrieve the password and verify it outside of the directory, rather than by performing an LDAP bind.
The Crypt Password Storage Scheme component inherits from the Password Storage Scheme
A description of each property follows.
Basic Properties: | Advanced Properties: |
---|---|
↓ enabled | ↓ java-class |
Description | Indicates whether the Password Storage Scheme is enabled for use. |
Default Value | None |
Allowed Values | true false |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced Property | No |
Read-only | No |
Description | Specifies the fully-qualified name of the Java class that provides the Crypt Password Storage Scheme implementation. |
Default Value | org.opends.server.extensions.CryptPasswordStorageScheme |
Allowed Values | A java class that implements or extends the class(es) : org.opends.server.api.PasswordStorageScheme |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced Property | Yes |
Read-only | No |