mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-08 21:08:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

[1.6.x] Increased default PBKDF2 iterations

Browse source 
Increases the default PBKDF2 iterations, since computers have gotten
faster since 2011. In the future, we plan to increment by 10% per
major version.

Backport of a075e2ad0d from master
This commit is contained in:
Paul McMillan 2013-09-19 17:39:43 +01:00 committed by Tim Graham
parent 9888bb28ee
commit 85ba68cc14
5 changed files with 27 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

7
docs/internals/howto-release-django.txt
View file

@ -88,6 +88,13 @@ any time leading up to the actual release:
emails at *FIXME WHERE?*. This email should be signed by the key you'll use
for the release, and should include patches for each issue being fixed.
#. If this is a major release, make sure the tests pass, then increase
the default PBKDF2 iterations in
``django.contrib.auth.hashers.PBKDF2PasswordHasher`` by about 10%
(pick a round number). Run the tests, and update the 3 failing
hasher tests with the new values. Make sure this gets noted in the
release notes (see release notes on 1.6 for an example).
#. As the release approaches, watch Trac to make sure no release blockers
are left for the upcoming release.