Opened 7 years ago

Closed 4 years ago

#8647 closed New feature (duplicate)

Add support for user password encryption algorithm selection

Reported by: sammyrulez Owned by:
Component: contrib.auth Version: master
Severity: Normal Keywords: password encryption
Cc: Triage Stage: Design decision needed
Has patch: yes Needs documentation: no
Needs tests: yes Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

User class in django/contrib/auth/models supports crypt algorithm in decoding password but not in the set_password method (see line 175). User password encryption algorithm should have a default but also but also configurable in project settings.

Project settings SECRET_KEY should be used in the encryption since all the data needed for brute force cracking are available in a db dump

Attachments (2)

models.py.diff (1.7 KB) - added by sammyrulez 7 years ago.
hashcompat.py.diff (478 bytes) - added by sammyrulez 7 years ago.

Download all attachments as: .zip

Change History (9)

comment:1 Changed 7 years ago by sammyrulez

  • Needs documentation unset
  • Needs tests unset
  • Owner changed from nobody to sammyrulez
  • Patch needs improvement unset
  • Status changed from new to assigned

Changed 7 years ago by sammyrulez

Changed 7 years ago by sammyrulez

comment:2 Changed 7 years ago by sammyrulez

  • Has patch set
  • Needs tests set

comment:3 Changed 7 years ago by anonymous

  • milestone post-1.0 deleted

Milestone post-1.0 deleted

comment:4 Changed 7 years ago by jacob

  • Triage Stage changed from Unreviewed to Design decision needed

comment:5 Changed 5 years ago by adamnelson

  • Owner sammyrulez deleted
  • Status changed from assigned to new

Is this an inactive ticket?

comment:6 Changed 4 years ago by lukeplant

  • Severity set to Normal
  • Type set to New feature

comment:7 Changed 4 years ago by jacob

  • Easy pickings unset
  • Resolution set to duplicate
  • Status changed from new to closed
  • UI/UX unset

#15367 is tracking this now and has up-to-date info. Marking this one as a duplicate of #15367.

Note: See TracTickets for help on using tickets.
Back to Top