#31358: Increase default password salt size in BasePasswordHasher. --------------------------------------+------------------------------------ Reporter: Jon Moroney | Owner: nobody Type: Cleanup/optimization | Status: new Component: Utilities | Version: master Severity: Normal | Resolution: Keywords: | Triage Stage: Accepted Has patch: 1 | Needs documentation: 1 Needs tests: 0 | Patch needs improvement: 1 Easy pickings: 0 | UI/UX: 0 --------------------------------------+------------------------------------
Comment (by Jon Moroney): To circle back on this and to document the state of things for future readers. The current PR here https://github.com/django/django/pull/12553 Changes the measure of salt from characters to bits and from ~71 bits to 128 bits. The PR is ready but is hinging on the question of updating prior database entries which have a smaller salt than the 128bit value. -- Ticket URL: <https://code.djangoproject.com/ticket/31358#comment:46> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/066.3fb3cd412fc4c761fe61398a2ee11308%40djangoproject.com.