Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Added note to releases/1.4.txt about contrib.auth user password hash-…

…upgrade sequence. Thanks, ericholscher

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17687 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit ebc6fc9354c857bc0ac00895175c2575b01b1bd7 1 parent dd246a6
Adrian Holovaty authored March 12, 2012

Showing 1 changed file with 11 additions and 0 deletions. Show diff stats Hide diff stats

  1. 11  docs/releases/1.4.txt
11  docs/releases/1.4.txt
@@ -777,6 +777,17 @@ instance:
777 777
   * Time period: The amount of time you expect user to take filling out
778 778
     such forms.
779 779
 
  780
+* ``contrib.auth`` user password hash-upgrade sequence
  781
+
  782
+  * Consequences: Each user's password will be updated to a stronger password
  783
+    hash when it's written to the database in 1.4. This means that if you
  784
+    upgrade to 1.4 and then need to downgrade to 1.3, version 1.3 won't be able
  785
+    to read the updated passwords.
  786
+
  787
+  * Remedy: Set :setting:`PASSWORD_HASHERS` to use your original password
  788
+    hashing when you initially upgrade to 1.4. After you confirm your app works
  789
+    well with Django 1.4 and you won't have to roll back to 1.3, enable the new
  790
+    password hashes.
780 791
 
781 792
 django.contrib.flatpages
782 793
 ~~~~~~~~~~~~~~~~~~~~~~~~

0 notes on commit ebc6fc9

Please sign in to comment.
Something went wrong with that request. Please try again.