You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/02/23 19:01:19 UTC

[jira] [Commented] (COUCHDB-1780) Upgrade users password hash on login, not password change

    [ https://issues.apache.org/jira/browse/COUCHDB-1780?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13909822#comment-13909822 ] 

ASF subversion and git services commented on COUCHDB-1780:
----------------------------------------------------------

Commit 348889380c3b98d7f1a6c8963fc2eb4ee08c1db7 in couchdb's branch refs/heads/master from [~klaus_trainer]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb.git;h=3488893 ]

Upgrade password hashes on authentication

We now upgrade user docs to the new PBKDF2 password scheme on successful
authentication if the password hash is still from the old days where we
only used plain SHA-1 for hashing salted passwords.

Closes COUCHDB-1780.


> Upgrade users password hash on login, not password change
> ---------------------------------------------------------
>
>                 Key: COUCHDB-1780
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1780
>             Project: CouchDB
>          Issue Type: Improvement
>            Reporter: Robert Newson
>             Fix For: 1.7.0
>
>
> We can upgrade users hashes to PBKDF2 on login, we don't need to wait for a password change.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)