Please sign in to comment.
Improve poor security recommendation in docs
As reported in #9960, the current documentation recommends an insecure practice for key generation from a password (a single round of SHA-256). The modified documentation uses ActiveSupport::KeyGenerator to perform proper key stretching.
- Loading branch information...
Showing with 5 additions and 4 deletions.