Mercurial > p > roundup > code

diff CHANGES.txt @ 7161:be7849588372

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2551252 - increase PBKFD2 default rounds to 2,000,000. Current https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2 for SHA1 recommends 1,300,000 so 2,000,000.
author John Rouillard <rouilj@ieee.org>
date Thu, 23 Feb 2023 19:17:42 -0500
parents 765222ef4cec
children cfdcaf8b5936
line wrap: on
line diff
--- a/CHANGES.txt	Thu Feb 23 17:20:41 2023 -0500
+++ b/CHANGES.txt	Thu Feb 23 19:17:42 2023 -0500
@@ -72,6 +72,8 @@
   HTTP headers to calling javascript.
 - issue2551257: When downloading an attached (user supplied file),
   make sure that an 'X-Content-Type-Options: nosniff' header is sent.
+- issue2551252 - default number of rounds for PKDF2 password increased
+  to 2,000,000.
 
 Features:
Roundup Issue Tracker: http://roundup-tracker.org/