From 6d61ec0e1a4eb5768be5add9e1c44c89dacbfa7e Mon Sep 17 00:00:00 2001 From: Jiang Haiyun Date: Mon, 4 Jul 2016 23:02:11 +0800 Subject: [PATCH] Fixed a typo in auth docs. --- docs/topics/auth/passwords.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/auth/passwords.txt b/docs/topics/auth/passwords.txt index 0a8f553a786..770303ac2dc 100644 --- a/docs/topics/auth/passwords.txt +++ b/docs/topics/auth/passwords.txt @@ -146,7 +146,7 @@ algorithm. that ``bcrypt(password_with_100_chars) == bcrypt(password_with_100_chars[:72])``. The original ``BCryptPasswordHasher`` does not have any special handling and thus is also subject to this hidden password length limit. - ``BCryptSHA256PasswordHasher`` fixes this by first first hashing the + ``BCryptSHA256PasswordHasher`` fixes this by first hashing the password using sha256. This prevents the password truncation and so should be preferred over the ``BCryptPasswordHasher``. The practical ramification of this truncation is pretty marginal as the average user does not have a