[jetty-dev] Can someone please shed some light on the security of password hashing offered in jetty?
Specifically, it seems jetty only supports MD5 and UnixCrypt as
methods for hashing passwords, neither is considered secure (someone
correct me on this).
Is the expectation that users who want
security will roll their own LoginService implementations and support
stronger methods (sha2+,bcrypt)?