New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Seed the passwords with the user name #251

sodul opened this Issue Oct 29, 2013 · 1 comment


None yet
2 participants

sodul commented Oct 29, 2013

  boolean validatePassword(String password)
      return false
    if (computeOneWayHash(username+password) == oneWayHashPassword)
      return true
    // for backward compatibility with non seeded passwords.
    computeOneWayHash(password) == oneWayHashPassword

  void setPassword(String password)
    oneWayHashPassword = computeOneWayHash(username+password)

@ghost ghost assigned ypujante Nov 26, 2013

ypujante added a commit that referenced this issue Nov 27, 2013

#251: changed hashing mechanism to use bcrypt
- added a seed + use bcrypt (backward compatible)

This comment has been minimized.


ypujante commented Nov 27, 2013

Implemented in glu 5.4.0

@ypujante ypujante closed this Nov 27, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment