Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Added PASSWORD_HASHERS to settings reference document.

  • Loading branch information...
commit abd0f304b162b3120b1c7321fbfc3090e5f3c92c 1 parent 6534a95
@ramiro ramiro authored
Showing with 19 additions and 0 deletions.
  1. +19 −0 docs/ref/settings.txt
View
19 docs/ref/settings.txt
@@ -1450,6 +1450,25 @@ format has higher precedence and will be applied instead.
See also :setting:`DECIMAL_SEPARATOR`, :setting:`THOUSAND_SEPARATOR` and
:setting:`USE_THOUSAND_SEPARATOR`.
+.. setting:: PASSWORD_HASHERS
+
+PASSWORD_HASHERS
+----------------
+
+.. versionadded:: 1.4
+
+See :ref:`auth_password_storage`.
+
+Default::
+
+ ('django.contrib.auth.hashers.PBKDF2PasswordHasher',
+ 'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+ 'django.contrib.auth.hashers.BCryptPasswordHasher',
+ 'django.contrib.auth.hashers.SHA1PasswordHasher',
+ 'django.contrib.auth.hashers.MD5PasswordHasher',
+ 'django.contrib.auth.hashers.UnsaltedMD5PasswordHasher',
+ 'django.contrib.auth.hashers.CryptPasswordHasher',)
+
.. setting:: PASSWORD_RESET_TIMEOUT_DAYS
PASSWORD_RESET_TIMEOUT_DAYS

2 comments on commit abd0f30

@timgraham
Owner

FWIW, this was discussed and sort of rejected in https://code.djangoproject.com/ticket/19014

@ramiro
Collaborator

Oh sorry for not searching Trac and thanks for your work on that ticket.

I've found about this while trying to learn about the 1.3.->1.4->1.5 migration path and I've read one thread in the last week related to this (i.e. this is affecting users in the real world).

I can undo the commit easily but OTOH I think it's better to it documented and don't block on a theoretical future doc refactoring.

Also, w/ this we have dummy :setting:PASSWORD_HASHERS in other parts of the docs.

And we already have another django.contrib.auth setting (PASSWORD_RESET_TIMEOUT_DAYS) just below it.

Please sign in to comment.
Something went wrong with that request. Please try again.