khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-03 02:09:45 +07:00
Code Issues Packages Projects Releases Wiki Activity

hard limit on password length

Browse Source
This commit is contained in:
Carla Schroder
2015-05-06 17:27:24 -07:00
parent 8c0dbd10e2
commit 51485ee66b
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
admin_manual/configuration_server/harden_server.rst
View File

@@ -15,6 +15,11 @@ run ownCloud Server on Apache2 on a Linux environment.
critical security-relevant options are missing. However, it is still up to
the server administrator to review and maintain system security.
Limit on Password Length
------------------------
ownCloud uses the bcrypt algorithm and thus for security and performance reasons, e.g. Denial of Service as CPU demand increases exponentially, it only verifies the first 72 characters of passwords. This applies to all passwords that you use in ownCloud: user passwords, passwords on link shares, and passwords on external shares.
Operating system
----------------