Closed Bug 612750 Opened 14 years ago Closed 14 years ago

Use SHA-256 auth backend

Tracking

(Not tracked)

Status:

VERIFIED FIXED

Milestone:

2.4

People

(Reporter: jsocol, Assigned: rrosario)

References

Details

James Socol [:jsocol, :james]

Reporter

Description

•

14 years ago

Fred has put together a lovely SHA-256 auth backend we should use, since switching to it is essentially free right now and it's at least 255 better than Django's default SHA-1.

This means we have to wipe out all currently stored passwords in auth_user.password, but that's not a particularly big deal.

James Socol [:jsocol, :james]

Reporter

Updated

•

14 years ago

Component: General → Users and Groups

Ricky Rosario [:rrosario, :r1cky]

Assignee

Updated

•

14 years ago

Assignee: nobody → rrosario

Ricky Rosario [:rrosario, :r1cky]

Assignee

Comment 1

•

14 years ago

Landed on master:
https://github.com/jsocol/kitsune/commit/7213950d4bfa32928fa5c21d543a2ed96c4b914e

Status: NEW → RESOLVED

Closed: 14 years ago

Resolution: --- → FIXED

Rebecca Billings [:rbillings]

Comment 2

•

14 years ago

Verified only able to log in using current password

Status: RESOLVED → VERIFIED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Use SHA-256 auth backend

Categories

(support.mozilla.org :: Users and Groups, task, P1)

Tracking

(Not tracked)

People

(Reporter: jsocol, Assigned: rrosario)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Comment 1

Comment 2