43
edits
m (ANd → And) |
m (>4k rounds of HMAC, which involves applying the hash function twice, so >8k hash iterations ;)) |
||
Line 40: | Line 40: | ||
It also uses channel binding, as a way of detecting man-in-the-middle attacks on TLS. | It also uses channel binding, as a way of detecting man-in-the-middle attacks on TLS. | ||
The server stores a string made from repeatedly hashing the password over | The server stores a string made from repeatedly hashing the password over 8000 times. An attacker can still break this by trying every password, but it takes much, much longer than cracking a DIGEST-MD5 intermediate hash. | ||
== What about PLAIN? == | == What about PLAIN? == | ||
PLAIN will work with SCRAM-hashed stores, but it'll also work with almost every password store, from plaintext to Active Directory. So it's good to have a an IM client that supports PLAIN, but you're then sending your password in plaintext on the "wire" - a rogue server, or just bad debugging logs, could leak your password easily. | PLAIN will work with SCRAM-hashed stores, but it'll also work with almost every password store, from plaintext to Active Directory. So it's good to have a an IM client that supports PLAIN, but you're then sending your password in plaintext on the "wire" - a rogue server, or just bad debugging logs, could leak your password easily. |
edits