[1.7.x] Increased the default PBKDF2 iterations.

2025-08-18 17:50:58 +00:00 · 2015-01-03 13:36:13 -05:00 · 2015-01-03 13:36:13 -05:00 · 4aed731154
commit 4aed731154
parent 0a06ae9ef3
3 changed files with 11 additions and 6 deletions
--- a/docs/releases/1.7.3.txt
+++ b/docs/releases/1.7.3.txt
@ -11,4 +11,9 @@ Django 1.7.3 fixes several bugs in 1.7.2.
 Bugfixes
 ========

-* ...
+* The default iteration count for the PBKDF2 password hasher has been
+  increased by 25%. This part of the normal major release process was
+  inadvertently omitted in 1.7. This backwards compatible change will not
+  affect users who have subclassed
+  ``django.contrib.auth.hashers.PBKDF2PasswordHasher`` to change the
+  default value.