Changes between Version 1 and Version 2 of Ticket #30472
- Timestamp:
- May 10, 2019, 5:40:07 AM (5 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #30472 – Description
v1 v2 5 5 3. (Aug 18, 2018) its hasher's default memory cost changed from 512 to 102400, and parallelism from 2 to 8, per [https://tools.ietf.org/html/draft-irtf-cfrg-argon2-04#section-4 RFC draft] recommendations: https://github.com/hynek/argon2_cffi/commit/1ec39f8dc7a140b68099549b799301113576bde2 6 6 7 When Django 1.10 was released, only argon2d and argon2i were available, hence the hard-coded argon2i variety in Argon2PasswordHasher. The memory_cost = 512 and parallelism = 2 were also copied from argon2-cffi at that time. 7 When Django 1.10 was released, only argon2d and argon2i were available, hence the hard-coded argon2i variety in Argon2PasswordHasher. 8 9 Though Django does not use its hasher, the memory_cost = 512 and parallelism = 2 in Argon2PasswordHasher were simply copied from argon2-cffi's hasher back then. 8 10 9 11 Now we should sync Django with upstream updates.