cubicweb #2465904 upgrade weak hashes automatically on login [resolved]
When a weak password hash is stored for a user, we should be able to automatically upgrade it to sha512 on their next login. | |
| priority | normal |
|---|---|
| type | enhancement |
| done in | 3.15.4 |
| load left | 0.000 |
| closed by | #3d2038d6f20d [sources/native] automatically update passwords using deprecated hashes on login |
similar entities
- cubicweb #1698245 Convert __message to _cwmsgid to increase security
- cubicweb #511718 explain why rql expr insertion doesn't work to ease security debugging
- TheCubicWebBook #656194 CW Administration: how to give dynamic permissions
- cubicweb #1346310 Add `Secure` attribute to cookie when navigating on https
- cubicweb #1381390 Implement HTTP Strict Transport Security for https
[see all]