ktm5124
Reputation: 12123
Can LDAP recognize password hashes during authentication?
When you authenticate a user against an LDAP server is it possible to send a password hash instead of a plaintext password?
If so, what password hashes does LDAP recognize?
Thanks
Upvotes: 2
Views: 2634
Answers (1)
Paul Sasik
Reputation: 81507
No. You would need to know a lot of info about LDAP's security internals such as the hashing algorithm and salt (if any) used. These are not the kinds of information that closed systems usually share with the outside world.
Another way to think about is: What would it take for Google or Facebook to recognize a password hashed in another application, and would this be useful?
Upvotes: 3
Related Questions
- Verify LDAP user password with SSHA-512 hash method
- Is it necessary to encrypt or hash passwords with spring security and ldap?
- Is it possible to verify LDAP credentials without storing the LDAP password as plain text
- Set already hashed password for LDAP users (with Java)
- Hash password before validate with LDAP
- Connecting to LDAP with MD5 password
- Enable password hashing in OpenLDAP
- openldap auth with both option hashed as well as cleartext?
- LDAP password hash matching in Java
- Java -> LDAP account password encryption