diff options
Diffstat (limited to 'django/utils')
| -rw-r--r-- | django/utils/crypto.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/django/utils/crypto.py b/django/utils/crypto.py index 3c15b8b35b..3331424cb7 100644 --- a/django/utils/crypto.py +++ b/django/utils/crypto.py @@ -139,11 +139,12 @@ def pbkdf2(password, salt, iterations, dklen=0, digest=None): HMAC+SHA256 is used as the default pseudo random function. - Right now 10,000 iterations is the recommended default which takes - 100ms on a 2.2Ghz Core 2 Duo. This is probably the bare minimum - for security given 1000 iterations was recommended in 2001. This - code is very well optimized for CPython and is only four times - slower than openssl's implementation. + As of 2011, 10,000 iterations was the recommended default which + took 100ms on a 2.2Ghz Core 2 Duo. This is probably the bare + minimum for security given 1000 iterations was recommended in + 2001. This code is very well optimized for CPython and is only + four times slower than openssl's implementation. Look in + django.contrib.auth.hashers for the present default. """ assert iterations > 0 if not digest: |
