hydra

History

Graham Christensen d10d8964f2 Users: add a validation step which lets the user's password be a Argon2 hashed sha1 hash. OWASP suggests expiring all passwords and requiring users to update their password. However, we don't have a way to do this. They suggest this mechanism as a good alternative: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#upgrading-legacy-hashes	2021-04-16 12:32:13 -04:00
..
Users.t	Users: add a validation step which lets the user's password be a Argon2 hashed sha1 hash.	2021-04-16 12:32:13 -04:00

Graham Christensen d10d8964f2 Users: add a validation step which lets the user's password be a Argon2 hashed sha1 hash.

OWASP suggests expiring all passwords and requiring users to update their password.
However, we don't have a way to do this. They suggest this mechanism
as a good alternative:
https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#upgrading-legacy-hashes

2021-04-16 12:32:13 -04:00

Users.t

Users: add a validation step which lets the user's password be a Argon2 hashed sha1 hash.

2021-04-16 12:32:13 -04:00