Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Added PASSWORD_HASHERS to settings reference document.

  • Loading branch information...
commit abd0f304b162b3120b1c7321fbfc3090e5f3c92c 1 parent 6534a95
Ramiro Morales authored December 19, 2012

Showing 1 changed file with 19 additions and 0 deletions. Show diff stats Hide diff stats

  1. 19  docs/ref/settings.txt
19  docs/ref/settings.txt
@@ -1450,6 +1450,25 @@ format has higher precedence and will be applied instead.
1450 1450
 See also :setting:`DECIMAL_SEPARATOR`, :setting:`THOUSAND_SEPARATOR` and
1451 1451
 :setting:`USE_THOUSAND_SEPARATOR`.
1452 1452
 
  1453
+.. setting:: PASSWORD_HASHERS
  1454
+
  1455
+PASSWORD_HASHERS
  1456
+----------------
  1457
+
  1458
+.. versionadded:: 1.4
  1459
+
  1460
+See :ref:`auth_password_storage`.
  1461
+
  1462
+Default::
  1463
+
  1464
+    ('django.contrib.auth.hashers.PBKDF2PasswordHasher',
  1465
+     'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
  1466
+     'django.contrib.auth.hashers.BCryptPasswordHasher',
  1467
+     'django.contrib.auth.hashers.SHA1PasswordHasher',
  1468
+     'django.contrib.auth.hashers.MD5PasswordHasher',
  1469
+     'django.contrib.auth.hashers.UnsaltedMD5PasswordHasher',
  1470
+     'django.contrib.auth.hashers.CryptPasswordHasher',)
  1471
+
1453 1472
 .. setting:: PASSWORD_RESET_TIMEOUT_DAYS
1454 1473
 
1455 1474
 PASSWORD_RESET_TIMEOUT_DAYS

2 notes on commit abd0f30

Tim Graham
Owner

FWIW, this was discussed and sort of rejected in https://code.djangoproject.com/ticket/19014

Ramiro Morales
Owner

Oh sorry for not searching Trac and thanks for your work on that ticket.

I've found about this while trying to learn about the 1.3.->1.4->1.5 migration path and I've read one thread in the last week related to this (i.e. this is affecting users in the real world).

I can undo the commit easily but OTOH I think it's better to it documented and don't block on a theoretical future doc refactoring.

Also, w/ this we have dummy :setting:PASSWORD_HASHERS in other parts of the docs.

And we already have another django.contrib.auth setting (PASSWORD_RESET_TIMEOUT_DAYS) just below it.

Please sign in to comment.
Something went wrong with that request. Please try again.