Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

[1.6.x] Added docs for the hasher's iteration count changes.

Backport of 28b7042 from master.
  • Loading branch information...
commit 86373dc63e8e7e06c18878d97c024b40382dc875 1 parent 823951e
Tim Graham authored October 18, 2013 apollo13 committed October 21, 2013
3  docs/releases/1.6.txt
@@ -369,7 +369,8 @@ Minor features
369 369
   increased by 20%. This backwards compatible change will not affect
370 370
   existing passwords or users who have subclassed
371 371
   ``django.contrib.auth.hashers.PBKDF2PasswordHasher`` to change the
372  
-  default value.
  372
+  default value. Passwords :ref:`will be upgraded <password-upgrades>` to use
  373
+  the new iteration count as necessary.
373 374
 
374 375
 Backwards incompatible changes in 1.6
375 376
 =====================================
8  docs/topics/auth/passwords.txt
@@ -124,6 +124,8 @@ algorithm.
124 124
    output)``. For example:
125 125
    ``bcrypt$$2a$12$NT0I31Sa7ihGEWpka9ASYrEFkhuTNeBQ2xfZskIiiJeyFXhRgS.Sy``.
126 126
 
  127
+.. _increasing-password-algorithm-work-factor:
  128
+
127 129
 Increasing the work factor
128 130
 --------------------------
129 131
 
@@ -167,6 +169,8 @@ default PBKDF2 algorithm:
167 169
 That's it -- now your Django install will use more iterations when it
168 170
 stores passwords using PBKDF2.
169 171
 
  172
+.. _password-upgrades:
  173
+
170 174
 Password upgrading
171 175
 ------------------
172 176
 
@@ -181,6 +185,10 @@ However, Django can only upgrade passwords that use algorithms mentioned in
181 185
 sure never to *remove* entries from this list. If you do, users using un-
182 186
 mentioned algorithms won't be able to upgrade.
183 187
 
  188
+.. versionadded:: 1.6
  189
+
  190
+    Passwords will be upgraded when changing the PBKDF2 iteration count.
  191
+
184 192
 .. _sha1: http://en.wikipedia.org/wiki/SHA1
185 193
 .. _pbkdf2: http://en.wikipedia.org/wiki/PBKDF2
186 194
 .. _nist: http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf

0 notes on commit 86373dc

Please sign in to comment.
Something went wrong with that request. Please try again.