On Sep 22, 2015, at 10:18 AM, Tim Graham <timogra...@gmail.com> wrote:
> As I understand it, the problem with increasing the number of iterations on > the slower hasher is that upgrading Django could effectively result in a DDoS > attack after you upgrade Django as users passwords are upgraded. Is that correct? My understanding was that the passwords were only modified when changed. Given that it is a unidirectional hash, I'm not sure how they *would* be rehashed. -- -- Christophe Pettus x...@thebuild.com -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/07FDF35A-5495-4BFE-A4CE-BD976537B5B0%40thebuild.com. For more options, visit https://groups.google.com/d/optout.
