Add a stronger authentication scheme, ideally something certificate-based. The current protocol for password authentication using Md5 looks reversible via rainbow (not confirmed).
- has to be done before
-
CSHARP-573 Change MD5 Hash for Machine Key to Something FIPS Compliant
- Closed
- is depended on by
-
SERVER-7648 Support Use of FIPS 140-2 Compliant Crypto Library
- Closed
- is related to
-
SERVER-7596 Support SCRAM-SHA-1 SASL Mechanism
- Closed
- related to
-
SERVER-9058 Use FIPS-140-2 Approved Pseudorandom Number Generator for SecureRandom
- Backlog