Authentication Password Syntax


The authentication password syntax defines a standard method for encoding a user Password for storage in the server, ideally in a manner that makes it difficult or impossible to determine the clear-text value of that password.

The authentication password syntax is described in RFC 3112, which defines the "authPassword" AttributeType and a corresponding "authPasswordObject" auxiliary object class that will allow the use of that attribute.

The basic form of a password encoded using the authentication password syntax is:


where scheme is the name of the scheme used to encode the value, authInfo is some kind of modifier (for example, a Salt) used in the encoding process, and authValue is the encoded password information. For example, the value "SHA1$RzqH67DY3uQ=$atAcDs1eS+IJwPy7V4UDXEoBrDI=" is encoded using the authentication password syntax (the scheme is "SHA1", the authInfo element is "RzqH67DY3uQ=", and the authValue element is "atAcDs1eS+IJwPy7V4UDXEoBrDI=").

More Information#

There might be more information for this subject on one of the following: