Why are PBKDF2-SHA256 and PBKDF2_SHA256 different in 389-ds? In a mailing list discussion recently it came up about what password hash format should you use in 389-ds. Confusingly we have two PBKDF2 SHA256 implementations, which has a bit of history. Too Lazy, Didn't Read Use PBKDF2-SHA256. (hyphen, not underscore). What's PBKDF2 anyway? Passwords are a shared-knowledge secret, so knowledge of the password allows you to authenticate as the person. When we store that secret, we don't want it s...
