Computer operating systems, applications, World Wide Web (“Web”) sites, computers, and other types of systems commonly require users to provide credentials in order to gain access to functionality provided by the systems. For instance, a Web site might require a user to provide a username and a password in order to gain access to the functionality provided by the Web site. Other types of credentials might also be required in order to gain access to other types of programs and computing systems.
In many cases, user passwords are stored in a database in an obfuscated form. For instance, in some systems passwords are obfuscated using an obfuscation algorithm and the obfuscated passwords are stored in a database. When a user attempts to access the system, the user provides a password that is obfuscated and compared to the stored obfuscated password. If the obfuscated values match, this indicates that the user has provided the correct password and the user is permitted access to the system. If the obfuscated values do not match, the user is denied access to the system.
From time to time, it may become necessary for a system or application to migrate to a new algorithm for obfuscating passwords. For instance, a previously used algorithm may be found to have flaws that might compromise the integrity of the stored obfuscated passwords. In other cases, the processing capability of available computing resources might advance such that the strength of a previously used algorithm is lowered. Other reasons might also exist for migrating to a new algorithm for obfuscating passwords and other types of user credentials.
It is with respect to these and other considerations that the disclosure made herein is presented.