Skip to content
Yesod.Auth.HashDB plugin, now moved out of main yesod-auth package
Find file


This is the Yesod.Auth.HashDB plugin, which used to be part of yesod-auth prior to version 1.3, but has now been moved out of the main package.

Versions of this plugin prior to its removal from yesod-auth used a relatively weak hashing algorithm (a single round of SHA1) which does not provide adequate protection against an attacker who discovers the hashed passwords. See:

It has now been rewritten to use Crypto.PasswordStore, but this has been done in a way which preserves compatibility both with the API and with databases which have been set up using older versions of this module.

See the module documentation for further details.

Something went wrong with that request. Please try again.