Permalink
Browse files

Added PASSWORD_HASHERS to settings reference document.

  • Loading branch information...
1 parent 6534a95 commit abd0f304b162b3120b1c7321fbfc3090e5f3c92c @ramiro ramiro committed Dec 19, 2012
Showing with 19 additions and 0 deletions.
  1. +19 −0 docs/ref/settings.txt
View
@@ -1450,6 +1450,25 @@ format has higher precedence and will be applied instead.
See also :setting:`DECIMAL_SEPARATOR`, :setting:`THOUSAND_SEPARATOR` and
:setting:`USE_THOUSAND_SEPARATOR`.
+.. setting:: PASSWORD_HASHERS
+
+PASSWORD_HASHERS
+----------------
+
+.. versionadded:: 1.4
+
+See :ref:`auth_password_storage`.
+
+Default::
+
+ ('django.contrib.auth.hashers.PBKDF2PasswordHasher',
+ 'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+ 'django.contrib.auth.hashers.BCryptPasswordHasher',
+ 'django.contrib.auth.hashers.SHA1PasswordHasher',
+ 'django.contrib.auth.hashers.MD5PasswordHasher',
+ 'django.contrib.auth.hashers.UnsaltedMD5PasswordHasher',
+ 'django.contrib.auth.hashers.CryptPasswordHasher',)
+
.. setting:: PASSWORD_RESET_TIMEOUT_DAYS
PASSWORD_RESET_TIMEOUT_DAYS

2 comments on commit abd0f30

@timgraham
Member

FWIW, this was discussed and sort of rejected in https://code.djangoproject.com/ticket/19014

@ramiro
Member
ramiro commented on abd0f30 Dec 19, 2012

Oh sorry for not searching Trac and thanks for your work on that ticket.

I've found about this while trying to learn about the 1.3.->1.4->1.5 migration path and I've read one thread in the last week related to this (i.e. this is affecting users in the real world).

I can undo the commit easily but OTOH I think it's better to it documented and don't block on a theoretical future doc refactoring.

Also, w/ this we have dummy :setting:PASSWORD_HASHERS in other parts of the docs.

And we already have another django.contrib.auth setting (PASSWORD_RESET_TIMEOUT_DAYS) just below it.

Please sign in to comment.