summaryrefslogtreecommitdiff
path: root/docs/topics/auth/passwords.txt
AgeCommit message (Collapse)Author
2025-12-04Fixed #36744 -- Improved scrypt password hasher docs.Dmitry Chestnykh
- Corrected work_factor description and its requirements. - Added block_size description. - Changed parallelism description to mention computations, rather than threads (currently it's not multithreaded.) - For all of the above, added standard scrypt terminology (N, r, p). - Mentioned that in multithreaded implementations, parallelism also influences the memory requirements.
2025-09-17Removed versionadded/changed annotations for 5.2.Jacob Walls
2025-08-25Refs #36485 -- Rewrapped docs to 79 columns line length.David Smith
Lines in the docs files were manually adjusted to conform to the 79 columns limit per line (plus newline), improving readability and consistency across the content.
2025-08-25Refs #36485 -- Removed double spaces after periods in sentences.Natalia
2024-10-15Fixed #35782 -- Allowed overriding password validation error messages.Ben Cail
2024-10-15Refs #35782 -- Documented the get_help_text methods in password validators.Ben Cail
2024-06-24Migrated setuptools configuration to pyproject.toml.Claude Paroz
This branch migrates setuptools configuration from setup.py/setup.cfg to pyproject.toml. In order to ensure that the generated binary files have consistent casing (both the tarball and the wheel), setuptools version is limited to ">=61.0.0,<69.3.0". Configuration for flake8 was moved to a dedicated .flake8 file since it cannot be configured via pyproject.toml. Also, __pycache__ exclusion was removed from MANIFEST and the extras/Makefile was replaced with a simpler build command. Co-authored-by: Nick Pope <nick@nickpope.me.uk>
2024-05-22Removed versionadded/changed annotations for 5.0.Natalia
This also removes remaining versionadded/changed annotations for older versions.
2023-11-15Fixed #34970 -- Clarified Password Validation docs regarding the ↵Markus Amalthea Magnuson
password_changed callback.
2023-09-18Removed versionadded/changed annotations for 4.2.Mariusz Felisiak
This also removes remaining versionadded/changed annotations for older versions.
2023-05-18Fixed #34565 -- Added support for async checking of user passwords.HappyDingning
2023-04-17Used extlinks for PyPI links.Tim Graham
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2023-03-01Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.django-bot
2023-02-28Refs #34140 -- Corrected rst code-block and various formatting issues in docs.Joseph Victor Zammit
2023-01-30Fixed typo in docs/topics/auth/passwords.txt.fschwebel
Wrapped hashing is only possible if the inner wrapped function is the same as the previous hasher.
2022-11-28Doc's check_password()'s setter and preferred arguments.Mariusz Felisiak
Follow up to 90e05aaeac612a4251640564aa65f103ac635e12.
2022-09-28Fixed #34056 -- Updated the list of common passwords for ↵Paolo Melchiorre
CommonPasswordValidator.
2022-09-17Fixed #34017 -- Doc'd that Argon2id variant is used by Argon2PasswordHasher.Ritik Soni
2022-07-23Refs #33691 -- Deprecated insecure password hashers.Claude Paroz
SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher are now deprecated.
2022-05-31Fixed docs build with sphinxcontrib-spelling 7.5.0+.Mariusz Felisiak
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set of nodes for which the text is checked.
2022-05-17Removed versionadded/changed annotations for 4.0.Carlton Gibson
2022-05-11Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher.Mariusz Felisiak
2022-01-13Clarified how contrib.auth picks a password hasher for verification.Adam Johnson
2022-01-04Fixed CVE-2021-45115 -- Prevented DoS vector in ↵Florian Apolloner
UserAttributeSimilarityValidator. Thanks Chris Bailey for the report. Co-authored-by: Adam Johnson <me@adamj.eu>
2021-12-28Avoided counting attributes and methods in docs.Mariusz Felisiak
2021-12-13Improved wording in password validators docs and docstrings.Adam Johnson
2021-09-20Removed versionadded/changed annotations for 3.2.Mariusz Felisiak
2021-07-22Fixed #32275 -- Added scrypt password hasher.ryowright
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-20Clarified docs about increasing the work factor for bcrypt hasher.yyyyyyyan
2021-05-17Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.Nick Pope
2021-01-14Removed versionadded/changed annotations for 3.1.Mariusz Felisiak
2021-01-14Fixed #31358 -- Increased salt entropy of password hashers.Jon Moroney
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
2020-08-11Added note about password updates on argon2 attributes change.Roy Zheng
2020-03-31Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes ↵Hasan Ramezani
or strings.
2019-11-08Fixed #30948 -- Changed packaging to use declarative config in setup.cfg.Jon Dufresne
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-09-06Fixed #30573 -- Rephrased documentation to avoid words that minimise the ↵Tobias Kunze
involved difficulty. This patch does not remove all occurrences of the words in question. Rather, I went through all of the occurrences of the words listed below, and judged if they a) suggested the reader had some kind of knowledge/experience, and b) if they added anything of value (including tone of voice, etc). I left most of the words alone. I looked at the following words: - simply/simple - easy/easier/easiest - obvious - just - merely - straightforward - ridiculous Thanks to Carlton Gibson for guidance on how to approach this issue, and to Tim Bell for providing the idea. But the enormous lion's share of thanks go to Adam Johnson for his patient and helpful review.
2019-04-18Fixed #30367 -- Changed "pip install" to "python -m pip install" in docs, ↵Ramiro Morales
comments and hints.
2019-02-08Removed extra characters in docs header underlines.Mariusz Felisiak
2019-01-17Removed versionadded/changed annotations for 2.1.Tim Graham
2018-11-15Used auto-numbered lists in documentation.François Freitag
2018-09-10Refs #20910 -- Replaced snippet directive with code-block.Curtis Maloney
2018-04-23Fixed typos in docs/topics/auth/passwords.txt.adamth
2018-04-17Fixed #29334 -- Updated pypi.python.org URLs to pypi.org.Brett Cannon
2018-04-16Fixed #29274 -- Increased the number of common passwords from 1k to 20k.GS-14
2018-03-22Fixed #28718 -- Allowed user to request a password reset if their password ↵Tim Graham
doesn't use an enabled hasher. Regression in aeb1389442d0f9669edf6660b747fd10693b63a7. Reverted changes to is_password_usable() from 703c266682be39f7153498ad0d8031231f12ee79 and documentation changes from 92f48680dbd2e02f2b33f6ad0e35b7d337889fb2.
2018-02-26Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.Tim Graham
2018-01-15Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be ↵Karmen
lowercase.
2017-06-26Refs #23919 -- Stopped inheriting from object to define new style classes.Mariusz Felisiak
Tests and docs complement to cecc079168e8669138728d31611ff3a1e7eb3a9f.
2017-02-07Converted usage of ugettext* functions to their gettext* aliasesClaude Paroz
Thanks Tim Graham for the review.
2017-01-25Refs #23919 -- Replaced super(ClassName, self) with super() in docs.chillaranand