I want to close #48241  as "wontfix". I do not believe that it's
appropriate to provide SHA3 as a password hashing algorithm.
The SHA3 algorithm is designed to be fast, and cryptographically secure.
It's target usage is for signatures and verification of these in a rapid
The fact that this algorithm is fast, and could be implemented in
hardware is the reason it's not appropriate for password hashing.
Passwords should be hashed with a slow algorithm, and in the future, an
algorithm that is CPU and memory hard. This means that in the (hopefully
unlikely) case of password hash leak or dump from ldap that the attacker
must spend a huge amount of resources to brute force or attack any
password that we are storing in the system.
As a result, I would like to make this ticket "wontfix" with an
explanation of why. I think it's better for us to pursue #397 .
PBKDF2 is a CPU hard algorithm, and scrypt is both CPU and Memory hard.
These are the direction we should be going (asap).
Red Hat, Brisbane