Extra security for passwords
We've added extra security to the stored passwords in Django's authentication system. Thanks to a patch from GomoX, passwords are now stored with a salt and hashed with SHA-1 instead of MD5.
This change is backwards-incompatible, because two things have changed: the name of the database field (changed from "password_md5" to "password") and the length of the field (from 32 to 128). See the backwards-incompatible changes page for information on how to change your database. It's an easy update.
Of course, the password data itself is backwards-compatible. If Django finds a password in the old format (an unsalted MD5 hash), it will transparently re-hash it in the new format (salted SHA-1) the first time user.check_password() is called successfully.
See the new Passwords section of the authentication docs for full information.
Finally, note that this change applies only to the Django development version. If you're using Django 0.90, you won't see this change until the next release.
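The transparent upgrade described above, and the point raised in the comments that the algorithm name travels with the stored value, can be seen end to end in the following example. This is added illustration code, not Django's own implementation: the `algorithm$salt$hexdigest` layout, the `check_password()` return shape (a match flag plus the value to persist) and the salt length are assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Assumed stored-password layout: the algorithm name, the salt and the hex digest
# kept together in one field, so the verifier knows how to recompute the digest.
# Legacy entries are a bare 32-character hex MD5 digest with no salt.
SEPARATOR = "$"
FIELD_LENGTH = 128  # the new column width mentioned in the post


def legacy_md5(raw_password: str) -> str:
    """Old format: unsalted MD5 hex digest (32 characters)."""
    return hashlib.md5(raw_password.encode("utf-8")).hexdigest()


def make_password(raw_password: str, algorithm: str = "sha1",
                  salt: Optional[str] = None) -> str:
    """New format: algorithm$salt$hexdigest.

    Because the algorithm name is stored with the data, any hashlib algorithm
    whose encoded result fits in FIELD_LENGTH characters can be used.
    """
    if salt is None:
        salt = secrets.token_hex(4)  # constructed choice: 8 hex chars of random salt
    digest = hashlib.new(algorithm, (salt + raw_password).encode("utf-8")).hexdigest()
    encoded = SEPARATOR.join((algorithm, salt, digest))
    if len(encoded) > FIELD_LENGTH:
        raise ValueError(f"{algorithm} output does not fit in a {FIELD_LENGTH}-char field")
    return encoded


def is_legacy_format(stored: str) -> bool:
    """A legacy entry has no separator and is exactly one MD5 hex digest long."""
    return SEPARATOR not in stored and len(stored) == 32


def check_password(raw_password: str, stored: str) -> Tuple[bool, str]:
    """Verify raw_password against stored; return (matches, value_to_persist).

    On a successful match against a legacy MD5 entry the returned value is a
    fresh salted SHA-1 entry that the caller saves back to the row; in every
    other case the stored value is returned unchanged.
    """
    if is_legacy_format(stored):
        if hmac.compare_digest(legacy_md5(raw_password), stored):
            return True, make_password(raw_password)  # transparent upgrade
        return False, stored
    algorithm, salt, digest = stored.split(SEPARATOR, 2)
    candidate = hashlib.new(algorithm, (salt + raw_password).encode("utf-8")).hexdigest()
    return hmac.compare_digest(candidate, digest), stored


if __name__ == "__main__":
    row = legacy_md5("correct horse")          # constructed legacy row
    ok, row = check_password("correct horse", row)
    print(ok, row)                              # True, now "sha1$<salt>$<digest>"
    print(check_password("wrong", row))         # (False, unchanged row)
```

The same check-then-rehash path is what makes the later algorithm migration asked about in the comments possible: a row stays in whatever format it was written in until its owner next authenticates successfully, at which point it is rewritten with the current default algorithm.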
Posted by Adrian Holovaty on November 20, 2005
Comments
John Morton November 21, 2005 at 12:07 a.m.
Presumably this means that Django will be able to gracefully migrate to future password hash algorithms like SHA-256, 512 and bcrypt?
GomoX November 21, 2005 at 2:57 a.m.
Yeap, as long as password hashes fit in a 128 character field, you can use any algorithm you want.
anl November 21, 2005 at 4:16 a.m.
Just wanted to say that the update is not quite so easy for sqlite3 users since the sql in the "backwards-incompatible changes page" uses alter column and drop column which, if I'm not mistaken, is not supported by sqlite3.
Aaron Swartz November 21, 2005 at 9:42 a.m.
Why switch from one broken algorithm to another? Time for Salsa20?
Adrian Holovaty November 21, 2005 at 10:09 a.m.
Aaron: The most important part of this change is that it now supports any algorithm, because the algorithm is stored with the data itself.
Larry August 22, 2007 at 3:05 p.m.
There is a Python ctypes wrapper for Salsa20 at http://www.seanet.com/~bugbee/crypto/...