SHA-2 Authentication-Password Hashing
The Oracle Communications Session Border Controller supports SHA-2 hashing of user login passwords. The OCSBC hashes passwords using a randomly generated salt with 65532 iterations of the SHA-512 algorithm.
Enabling SHA-2 Password Hashing
Passwords are changed with the secret login command. All newly set passwords are hashed with SHA-2, the SHA-1 hash is removed, and thereafter the OCSBC uses SHA-2 to validate the password for that user. Oracle recommends that all users change their passwords after upgrading the system.
WARNING:
Regarding upgrades to this software, versions of Session Deliver Manager prior to SDM 8.1 do not support managing SHA-2 enabled OCSBCs. To manage an OCSBC, you must use SDM 8.1 with basic authentication.WARNING:
If you downgrade to a release that only supports SHA-1 hashing after a user login password has been SHA-2 hashed, users will be locked out until all passwords are cleared. To clear passwords, contact Oracle Support.