Additional crypt based hash support for hashed password import

Hi,

We are starting to integrate Okta and we have some hashes that use schemes from crypt for hashing other than bcrypt. Particularly, we are in the need of sha-512 support but given the infrastructure for hash imports is in place (including bcrypt from the crypt category), it may be just easy as to add all the rest of the schemes from the crypt. Could you please consider this? I’m pretty sure this may be the use case for other folks as well (for example: Migrating users from Drupal 7 to Okta)

Thanks!

SHA-512 is supported for importing hashed password for new users
all the algorithms supported for this can be found in the hashed password object doc

The sha-512 that is currently supported is a plain simple one:

  • take a password
  • take a salt
  • pre or post-fix salt to password
  • run plain one-time sha-512 hashing of that content

However, the crypt implementation is much more complex and also more secure (https://akkadia.org/drepper/SHA-crypt.txt) and pretty widely used imo.