Knox E-FOTA On-Premises release notes — 2Q 2022

Updates to password hash algorithm

Previously, Knox E-FOTA On-Premises used the bcrypt password hash algorithm.

Starting with this release, passwords are hashed with the PBKDF2 algorithm, which offers more flexible password security measures for high-security enterprises.

Benefits of the PBKDF2 algorithm include:

  • Longer salt length and key length — 128 bits or higher
  • Higher key iteration count — 10,000 or higher
  • Lightweight pseudorandom function (PRF) — HMAC-SHA256 or HMAC-SHA512

Password length configuration

To comply with enterprise security regulations, Samsung installation engineers can now set a minimum and maximum length for user passwords. By default, the minimum password length is 8 characters and the maximum is 12. An installation engineer can set the minimum length within the range 8–20 characters and the maximum length within the range 12–30 characters.

IMPORTANT — Existing user passwords are not affected by this change. However, when an old password is updated, the new password must conform to the current policy.
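The sketch below ties together the PBKDF2 parameters listed under "Updates to password hash algorithm" and the length rules under "Password length configuration", including the rule that only new or changed passwords are checked against the current policy. It is an added example, not Knox E-FOTA On-Premises code; the function names and the `$`-separated record format are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Floors taken from the release notes above; all names here are hypothetical.
MIN_SALT_BYTES = 16          # 128-bit salt
MIN_KEY_BYTES = 16           # 128-bit derived key
MIN_ITERATIONS = 10_000
ALLOWED_PRFS = ("sha256", "sha512")   # HMAC-SHA256 or HMAC-SHA512


def make_policy(min_len=8, max_len=12):
    """Validate the bounds an installer may set: min 8-20, max 12-30."""
    if not 8 <= min_len <= 20:
        raise ValueError("minimum length must be between 8 and 20")
    if not 12 <= max_len <= 30:
        raise ValueError("maximum length must be between 12 and 30")
    if min_len > max_len:
        raise ValueError("minimum length exceeds maximum length")
    return (min_len, max_len)


def hash_password(password, policy, prf="sha256", iterations=MIN_ITERATIONS,
                  salt_bytes=MIN_SALT_BYTES, key_bytes=32):
    """Hash a new or changed password; the current policy applies here."""
    lo, hi = policy
    if not lo <= len(password) <= hi:
        raise ValueError("password length outside current policy")
    if (prf not in ALLOWED_PRFS or iterations < MIN_ITERATIONS
            or salt_bytes < MIN_SALT_BYTES or key_bytes < MIN_KEY_BYTES):
        raise ValueError("PBKDF2 parameters below the documented floor")
    salt = secrets.token_bytes(salt_bytes)   # fresh random salt per password
    dk = hashlib.pbkdf2_hmac(prf, password.encode("utf-8"), salt,
                             iterations, dklen=key_bytes)
    # Assumed storage format: parameters travel with the hash.
    return f"pbkdf2-{prf}${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password, record):
    """Check a login attempt. No length check: passwords set under an
    older policy stay valid until they are changed."""
    scheme, iterations, salt_hex, dk_hex = record.split("$")
    prf = scheme.split("-", 1)[1]
    if prf not in ALLOWED_PRFS:
        return False
    expected = bytes.fromhex(dk_hex)
    dk = hashlib.pbkdf2_hmac(prf, password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations),
                             dklen=len(expected))
    return hmac.compare_digest(dk, expected)   # constant-time comparison
```

Storing the PRF, iteration count and salt alongside the derived key lets the parameters be raised later without invalidating records created earlier.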