Question

If I update PASSWORD_HASHERS in Django settings, will Django automatically update the passwords of users that were hashed with a previous algorithm when they sign in?

I'm working with a table of users and passwords where some have been hashed with sha1 or md5 and some with bcrypt. I want to make sure that as users sign in, their passwords are updated with bcrypt so that I can progressively become more secure.


Solution

Yes, "When users log in, if their passwords are stored with anything other than the preferred algorithm, Django will automatically upgrade the algorithm to the preferred one." Relevant docs.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow