From 719db78a94f0c69301dbcafee0373b0c0a49dff0 Mon Sep 17 00:00:00 2001 From: Dmitry Chestnykh Date: Wed, 19 Nov 2025 01:24:38 +0100 Subject: [6.0.x] Fixed #36744 -- Improved scrypt password hasher docs. - Corrected work_factor description and its requirements. - Added block_size description. - Changed parallelism description to mention computations, rather than threads (currently it's not multithreaded.) - For all of the above, added standard scrypt terminology (N, r, p). - Mentioned that in multithreaded implementations, parallelism also influences the memory requirements. Backport of 0ca3a0661173b02e2cbb0183d8543e790e7e4a55 from main --- docs/topics/auth/passwords.txt | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/docs/topics/auth/passwords.txt b/docs/topics/auth/passwords.txt index 0976ae4fa2..87e2cb298b 100644 --- a/docs/topics/auth/passwords.txt +++ b/docs/topics/auth/passwords.txt @@ -285,15 +285,18 @@ follows: scrypt_ has the following attributes that can be customized: -#. ``work_factor`` controls the number of iterations within the hash. -#. ``block_size`` -#. ``parallelism`` controls how many threads will run in parallel. +#. ``work_factor`` controls the number of iterations within the hash and the + size of memory for computation (*N*). It must be a power of 2. +#. ``block_size`` controls the internal block size (*r*), tuning the algorithm + to memory latency. +#. ``parallelism`` controls how many independent computations may run in + parallel (*p*). #. ``maxmem`` limits the maximum size of memory that can be used during the computation of the hash. Defaults to ``0``, which means the default limitation from the OpenSSL library. We've chosen reasonable defaults, but you may wish to tune it up or down, -depending on your security needs and available processing power. +depending on your security needs and available processing power and memory. .. admonition:: Estimating memory usage 
@@ -304,6 +307,9 @@ depending on your security needs and available processing power. so you may need to tweak ``maxmem`` when changing the ``work_factor`` or ``block_size`` values. + If the underlying implementation of scrypt_ is fully multithreaded, the + memory requirement is multiplied by the ``parallelism`` value. + .. _password-upgrades: Password upgrading -- cgit v1.3
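
Review bot: In the hunk at ``@@ -285,15 +285,18 @@``, the new ``block_size`` item describes *r* only as "tuning the algorithm to memory latency" and does not say that it changes memory use. The ``work_factor`` item just above it now mentions the size of memory, and the admonition context in the following hunk tells readers to tweak ``maxmem`` when changing ``work_factor`` or ``block_size``, so the list and the admonition disagree on what ``block_size`` affects. Consider stating both effects in the item, for example "controls the internal block size (*r*), which affects memory use and tunes the algorithm to memory latency".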
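
Review bot: In the hunk at ``@@ -304,6 +307,9 @@``, the added sentence is conditional ("If the underlying implementation of scrypt_ is fully multithreaded") but never tells the reader whether that condition holds for the hasher as shipped. The commit message says it is currently not multithreaded, and that fact does not appear in the documentation text itself, so a reader cannot tell whether to multiply the estimate by ``parallelism`` today. Suggest stating the current behaviour in the admonition and saying explicitly that ``maxmem`` needs the same adjustment when the condition does hold, since the preceding sentence ties ``maxmem`` only to ``work_factor`` and ``block_size``.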