Opened 11 years ago

Closed 11 years ago

Last modified 11 years ago

#19562 closed Cleanup/optimization (fixed)

Documentation: How Django stores passwords out of date

Reported by: startup.canada@… Owned by: Preston Holmes
Component: Documentation Version: dev
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

In "Password management in Django" documentation page https://docs.djangoproject.com/en/1.5/topics/auth/passwords/ , section "How Django stores passwords" it says: "The password attribute of a User object is a string in this format:
algorithm$hash"

This is out of date (since v1.4?) It should say something like:

"The password attribute of a User object is a string in this format:
algorithm$iterations$salt$hash" , where iterations is the work factor.

Thanks

Change History (4)

comment:1 by Preston Holmes, 11 years ago

Component: contrib.authDocumentation
Owner: changed from nobody to Preston Holmes
Status: newassigned
Triage Stage: UnreviewedAccepted
Version: 1.5-alpha-1master

Looks like this was missed in the 1.4 timeframe and wasn't caught during the recent refactor either.

comment:2 by Preston Holmes <preston@…>, 11 years ago

Resolution: fixed
Status: assignedclosed

In f02e1167d788280e33de3df68fa41e89cb083619:

[1.5.x] Fixed #19562 -- cleaned up password storage docs

Conflicts:

docs/topics/auth/passwords.txt

comment:3 by Preston Holmes <preston@…>, 11 years ago

In c8eff0dbcb0936aac2748a7a896d08f34b54c50f:

Fixed #19562 -- cleaned up password storage docs

comment:4 by Preston Holmes <preston@…>, 11 years ago

In f02e1167d788280e33de3df68fa41e89cb083619:

[1.5.x] Fixed #19562 -- cleaned up password storage docs

Conflicts:

docs/topics/auth/passwords.txt

Note: See TracTickets for help on using tickets.
Back to Top