Improved security in Couchbase 4.5: SCRAM-SHA
Blog post from Couchbase
Couchbase 4.5 introduces a new security feature called SCRAM-SHA, aimed at enhancing user authentication and defending against brute-force attacks. This mechanism, which stands for Salted Challenge Response Authentication Mechanism, improves upon the previous CRAM-MD5 login scheme by exchanging hashed items between the client and server, which cannot be replayed. SCRAM is adaptable, supporting various hash algorithms like SHA1, SHA-256, and SHA-512, with Couchbase defaulting to the highest level of security, SHA-512. To utilize SCRAM-SHA, users need to upgrade to Couchbase 4.5, and the SDK will manage the authentication process, reverting to CRAM-MD5 for older Couchbase versions if necessary. While SCRAM-SHA offers enhanced security features, using TLS is still recommended for optimal protection.
No tracked trend matches for this post yet.
Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.