Password Hashes, Again
Reed Loden
reed at reedloden.com
Wed Sep 4 06:12:05 UTC 2013
On Wed, 4 Sep 2013 07:59:35 +0200
Michiel Beijen <michiel.beijen at gmail.com> wrote:
> Plus, the method we chose allows for 'seamless upgrade' - if you have
> an existing OTRS system, and you switch bcrypt on, any existing
> password hashes will still work, but if you change your password or
> create a new user, that'll use bcrypt.
>
> This was pretty trivial to implement and I think it would be helpful
> for bugzilla as well, especially for larger installations. If anyone
> is interested, maybe I can provide a patch against bugzilla for the
> same.
I basically wrote the majority of a patch to do just that a while ago,
but I haven't had any time to drive it to completion. I welcome anybody
who wants to take where I left off and get the patch fully tested and
ready for review.
https://bugzilla.mozilla.org/show_bug.cgi?id=672129
~reed
More information about the developers
mailing list