From 28b70425afb2fb8bcbec09d249e37fa786f8a155 Mon Sep 17 00:00:00 2001 From: Tim Graham Date: Fri, 18 Oct 2013 09:09:56 -0400 Subject: Added docs for the hasher's iteration count changes. --- docs/topics/auth/passwords.txt | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs/topics') diff --git a/docs/topics/auth/passwords.txt b/docs/topics/auth/passwords.txt index 7e4b59a99c..12b11822e1 100644 --- a/docs/topics/auth/passwords.txt +++ b/docs/topics/auth/passwords.txt @@ -124,6 +124,8 @@ algorithm. output)``. For example: ``bcrypt$$2a$12$NT0I31Sa7ihGEWpka9ASYrEFkhuTNeBQ2xfZskIiiJeyFXhRgS.Sy``. +.. _increasing-password-algorithm-work-factor: + Increasing the work factor -------------------------- @@ -167,6 +169,8 @@ default PBKDF2 algorithm: That's it -- now your Django install will use more iterations when it stores passwords using PBKDF2. +.. _password-upgrades: + Password upgrading ------------------ @@ -181,6 +185,10 @@ However, Django can only upgrade passwords that use algorithms mentioned in sure never to *remove* entries from this list. If you do, users using un- mentioned algorithms won't be able to upgrade. +.. versionadded:: 1.6 + + Passwords will be upgraded when changing the PBKDF2 iteration count. + .. _sha1: http://en.wikipedia.org/wiki/SHA1 .. _pbkdf2: http://en.wikipedia.org/wiki/PBKDF2 .. _nist: http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf -- cgit v1.3