svenmeier commented on pull request #462: URL: https://github.com/apache/wicket/pull/462#issuecomment-776991369
Thanks for your feedback. Of course developers can always configure their own crypt implementation. But Wicket should use sensible defaults too - currently this is not the case with a hard-coded salt and DefaultAuthenticationStrategy's default encryption-key. I'm fine with anybody stepping up and building a better solution. As Andrea pointed out, this might get difficult with the current API. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
