IBM Security SOAR

IBM Security SOAR - v42.1 - Password-hashing algorithm removal

By BEN WILLIAMS posted Mon September 13, 2021 11:39 AM


In v39, the password-hashing function used for encrypting passwords changed from bcrypt to PBKDF2. All user and API key accounts were automatically upgraded to use PBKDF2 when a user or app logged in to the SOAR platform.

In v42.1, bcrypt will be removed altogether. If any of those accounts were not used to log in since the upgrade to v39, in v42.1, users will receive emails about their accounts expiring and API key administrators will receive emails that the API key accounts are expiring.