[1.6.x] Added docs for the hasher's iteration count changes.
Backport of 28b70425af
from master.
This commit is contained in:
parent
823951ec55
commit
86373dc63e
|
@ -369,7 +369,8 @@ Minor features
|
|||
increased by 20%. This backwards compatible change will not affect
|
||||
existing passwords or users who have subclassed
|
||||
``django.contrib.auth.hashers.PBKDF2PasswordHasher`` to change the
|
||||
default value.
|
||||
default value. Passwords :ref:`will be upgraded <password-upgrades>` to use
|
||||
the new iteration count as necessary.
|
||||
|
||||
Backwards incompatible changes in 1.6
|
||||
=====================================
|
||||
|
|
|
@ -124,6 +124,8 @@ algorithm.
|
|||
output)``. For example:
|
||||
``bcrypt$$2a$12$NT0I31Sa7ihGEWpka9ASYrEFkhuTNeBQ2xfZskIiiJeyFXhRgS.Sy``.
|
||||
|
||||
.. _increasing-password-algorithm-work-factor:
|
||||
|
||||
Increasing the work factor
|
||||
--------------------------
|
||||
|
||||
|
@ -167,6 +169,8 @@ default PBKDF2 algorithm:
|
|||
That's it -- now your Django install will use more iterations when it
|
||||
stores passwords using PBKDF2.
|
||||
|
||||
.. _password-upgrades:
|
||||
|
||||
Password upgrading
|
||||
------------------
|
||||
|
||||
|
@ -181,6 +185,10 @@ However, Django can only upgrade passwords that use algorithms mentioned in
|
|||
sure never to *remove* entries from this list. If you do, users using un-
|
||||
mentioned algorithms won't be able to upgrade.
|
||||
|
||||
.. versionadded:: 1.6
|
||||
|
||||
Passwords will be upgraded when changing the PBKDF2 iteration count.
|
||||
|
||||
.. _sha1: http://en.wikipedia.org/wiki/SHA1
|
||||
.. _pbkdf2: http://en.wikipedia.org/wiki/PBKDF2
|
||||
.. _nist: http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf
|
||||
|
|
Loading…
Reference in New Issue