Categories: Features

Hashed passwords for Prosody

We just changed the Prosody authentication provider module to hashed SCRAM-SHA-1 passwords.

You most probably will not notice anything. But if your client does not support SCRAM-SHA-1 the password will be sent in plain, not DIGEST-MD5 like until now. So be sure you only use a TLS/SSL connection to the server to protect the password (and also all your other XMPP data like chat messages) inside an encrypted data stream. Some clients might show a warning that DIGEST-MD5 is not longer available on the server.

The next time you log in the password will be automaticly hashed with SCRAM-SHA-1 mechanism.

Roi

Recent Posts

XMPP Housekeeping now active for openim Domains!

We just activated XMPP Housekeeping for the openim.de and openim.eu domains. These two domains joined…

4 months ago

openim.de

Yesterday we took over the domain openim.de and the XMPP/Jabber users running on it. The…

2 years ago

Upgrade to Prosody 0.12

We upgraded the Jabber server to Prosody 0.12 (from 0.11) yesterday, see the changelog.

2 years ago

Hot-Chilli Matrix server

If anyone is looking for a Matrix server besides matrix.org or matrix.im, please visit us…

3 years ago

Converse.js finally works here

We did a lot of digging into the issues that the browser windows froze when…

3 years ago

New public domain: hot-chilli.im

We just added another public domain to our XMPP/Jabber server: hot-chilli.im For the future we…

3 years ago