Home / Companies / Couchbase / Blog / Post Details
Content Deep Dive

Improved security in Couchbase 4.5: SCRAM-SHA

Blog post from Couchbase

Post Details
Company
Date Published
Author
Matthew Groves
Word Count
272
Company Posts That Month
32
Language
English
Hacker News Points
-
Post removed?
No
Summary

Couchbase 4.5 introduces a new security feature called SCRAM-SHA, aimed at enhancing user authentication and defending against brute-force attacks. This mechanism, which stands for Salted Challenge Response Authentication Mechanism, improves upon the previous CRAM-MD5 login scheme by exchanging hashed items between the client and server, which cannot be replayed. SCRAM is adaptable, supporting various hash algorithms like SHA1, SHA-256, and SHA-512, with Couchbase defaulting to the highest level of security, SHA-512. To utilize SCRAM-SHA, users need to upgrade to Couchbase 4.5, and the SDK will manage the authentication process, reverting to CRAM-MD5 for older Couchbase versions if necessary. While SCRAM-SHA offers enhanced security features, using TLS is still recommended for optimal protection.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.