1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
Last revised: October 28, 2020
PBKDF2 Module
Eggdrop encrypts its userfile, so users can have secure passwords.
Eggdrop will not start without an encryption module.
As of Eggdrop 1.9.0, a new encryption module was added, the PBKDF2
module. The PBKDF2 module was designed to work with the previous
encryption module (blowfish) to make the transition easier. If this is
a new bot, you can safely load just the PBKDF2 module. If you are
transitioning a userfile from 1.8 or earlier, you should load this AND
the blowfish module. By doing so, Eggdrop will seamlessly update the
old blowfish hashes to the new PBKDF2 hashes once a user logs in for
the first time, and allow you to (eventually) remove the blowfish
module altogether.
Outside of the specific case noted above, please note that if you
change your encryption method later (i.e. using other modules like a
rijndael module), you can't use your current userfile anymore.
Put this line into your Eggdrop configuration file to load the server module::
loadmodule pbkdf2
There are also some variables you can set in your config file:
set pbkdf2-method "SHA256"
Cryptographic hash function used. Use
openssl list -digest-algorithms to view all available options
set pbkdf2-rounds 1600
Number of rounds. The higher the number, the longer hashing takes;
but also generally the higher the protection against brute force
attacks.
This module requires: none
Copyright (C) 2000 - 2025 Eggheads Development Team
|
