Opened 16 years ago

Closed 13 years ago

#8647 closed New feature (duplicate)

Add support for user password encryption algorithm selection

Reported by: Sam Reghenzi Owned by:
Component: contrib.auth Version: dev
Severity: Normal Keywords: password encryption
Cc: Triage Stage: Design decision needed
Has patch: yes Needs documentation: no
Needs tests: yes Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

User class in django/contrib/auth/models supports crypt algorithm in decoding password but not in the set_password method (see line 175). User password encryption algorithm should have a default but also but also configurable in project settings.

Project settings SECRET_KEY should be used in the encryption since all the data needed for brute force cracking are available in a db dump

Attachments (2)

models.py.diff (1.7 KB ) - added by Sam Reghenzi 15 years ago.
hashcompat.py.diff (478 bytes ) - added by Sam Reghenzi 15 years ago.

Download all attachments as: .zip

Change History (9)

comment:1 by Sam Reghenzi, 15 years ago

Owner: changed from nobody to Sam Reghenzi
Status: newassigned

by Sam Reghenzi, 15 years ago

Attachment: models.py.diff added

by Sam Reghenzi, 15 years ago

Attachment: hashcompat.py.diff added

comment:2 by Sam Reghenzi, 15 years ago

Has patch: set
Needs tests: set

comment:3 by (none), 15 years ago

milestone: post-1.0

Milestone post-1.0 deleted

comment:4 by Jacob, 15 years ago

Triage Stage: UnreviewedDesign decision needed

comment:5 by Adam Nelson, 13 years ago

Owner: Sam Reghenzi removed
Status: assignednew

Is this an inactive ticket?

comment:6 by Luke Plant, 13 years ago

Severity: Normal
Type: New feature

comment:7 by Jacob, 13 years ago

Easy pickings: unset
Resolution: duplicate
Status: newclosed
UI/UX: unset

#15367 is tracking this now and has up-to-date info. Marking this one as a duplicate of #15367.

Note: See TracTickets for help on using tickets.
Back to Top