Make bcrypt cost configurable (#1793)

author: Kegsay <kegan@matrix.org> 2021-03-08 13:19:02 +0000
committer: GitHub <noreply@github.com> 2021-03-08 13:19:02 +0000
commit: 850abb1dde2ce6f85554457e3ee94a9837e13897 (patch)
tree: 4b9068e9e4bca77ac1be1291c10fc53d8a704648 /dendrite-config.yaml
parent: c3ad2cca49a7ad5890dddf2d8eec3e3cbbff16d1 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/dendrite-config.yaml b/dendrite-config.yaml
index 22c7b902..13564590 100644
--- a/dendrite-config.yaml
+++ b/dendrite-config.yaml
@@ -340,6 +340,13 @@ sync_api:
 
 # Configuration for the User API.
 user_api:
+  # The cost when hashing passwords on registration/login. Default: 10. Min: 4, Max: 31
+  # See https://pkg.go.dev/golang.org/x/crypto/bcrypt for more information.
+  # Setting this lower makes registration/login consume less CPU resources at the cost of security
+  # should the database be compromised. Setting this higher makes registration/login consume more
+  # CPU resources but makes it harder to brute force password hashes.
+  # This value can be low if performing tests or on embedded Dendrite instances (e.g WASM builds)
+  # bcrypt_cost: 10
   internal_api:
     listen: http://localhost:7781
     connect: http://localhost:7781
author	Kegsay <kegan@matrix.org>	2021-03-08 13:19:02 +0000
committer	GitHub <noreply@github.com>	2021-03-08 13:19:02 +0000
commit	850abb1dde2ce6f85554457e3ee94a9837e13897 (patch)
tree	4b9068e9e4bca77ac1be1291c10fc53d8a704648 /dendrite-config.yaml
parent	c3ad2cca49a7ad5890dddf2d8eec3e3cbbff16d1 (diff)