-
Enhancement
-
Resolution: Fixed
-
P3
-
None
-
None
-
generic
-
generic
JMC is using some weak cipher algorithms for storing passwords.
Remove weak ciphers from the drop down list, so that users setting a new password only have the option of using secure algorithms. For this, it would probably be better to just create our own list of known secure algorithms instead of starting with a complete list and removing weak ones, unless there would be potential usability/compatibility concerns with that approach.
- links to
-
Commit(master) openjdk/jmc/2458719d
-
Review(master) openjdk/jmc/651