Add support for user password encryption algorithm selection
User class in django/contrib/auth/models supports crypt algorithm in decoding password but not in the set_password method (see line 175). User password encryption algorithm should have a default but also but also configurable in project settings.
Project settings SECRET_KEY should be used in the encryption since all the data needed for brute force cracking are available in a db dump
Change History
(9)
Owner: |
changed from nobody to Sam Reghenzi
|
Status: |
new → assigned
|
Has patch: |
set
|
Needs tests: |
set
|
Triage Stage: |
Unreviewed → Design decision needed
|
Owner: |
Sam Reghenzi removed
|
Status: |
assigned → new
|
Severity: |
→ Normal
|
Type: |
→ New feature
|
Easy pickings: |
unset
|
Resolution: |
→ duplicate
|
Status: |
new → closed
|
UI/UX: |
unset
|
Milestone post-1.0 deleted