Use SHA-256 auth backend

VERIFIED FIXED in 2.4

Status

support.mozilla.org
Users and Groups
P1
normal
VERIFIED FIXED
7 years ago
7 years ago

People

(Reporter: jsocol, Assigned: rrosario)

Tracking

unspecified

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

7 years ago
Fred has put together a lovely SHA-256 auth backend we should use, since switching to it is essentially free right now and it's at least 255 better than Django's default SHA-1.

This means we have to wipe out all currently stored passwords in auth_user.password, but that's not a particularly big deal.
(Reporter)

Updated

7 years ago
Component: General → Users and Groups
(Assignee)

Updated

7 years ago
Assignee: nobody → rrosario
(Assignee)

Comment 1

7 years ago
Landed on master:
https://github.com/jsocol/kitsune/commit/7213950d4bfa32928fa5c21d543a2ed96c4b914e
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Verified only able to log in using current password
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.