[Catalyst] Migrate from SHA hashed passwords to Bcrypt crypted passwords

Pavel Karoukin hippich at gmail.com
Mon Jul 11 14:59:58 GMT 2011


Hello,

Right now I am using SHA hashed passwords in my Catalyst application
(https://github.com/hippich/Bitcoin-Poker-Room). While SHA is better
than MD5, I still want to migrate to Bcrypt.

I have two questions:

1) Catalyst::Authentication::Credential::Password seems to not support
Bcrypt since it relies on Digest and Digest does not have Bcrypt as an
option. Should I use DBIx::Class::EncodedColumn with
Crypt::Eksblowfish::Bcrypt?

2) How should I update my application to first check against the new
hashing algorithm and, if the password comes back incorrect, try the old
one (SHA)? Should I do it through realms, or just check the password in my
authentication controller directly instead?

Regards,
Pavel
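
An added example, not part of the original post: one way to do the verify-then-upgrade login check asked about in question 2, using Crypt::Eksblowfish::Bcrypt and dispatching on the stored hash's `$2a$` prefix instead of trying both algorithms in turn. It assumes the legacy hashes are unsalted hex SHA-1 (the post does not say which SHA variant is in use); `verify_and_upgrade` and the other function names are hypothetical.

```perl
#!/usr/bin/env perl
# Added example: verify a login against bcrypt or legacy SHA-1, and hand back
# a bcrypt replacement when a legacy hash verifies. Assumption: legacy hashes
# are unsalted hex SHA-1.
use strict;
use warnings;
use Digest::SHA qw(sha1_hex);
use Crypt::Eksblowfish::Bcrypt qw(bcrypt en_base64);

my $COST = 12;    # bcrypt work factor (assumed value; tune for your hardware)

# 16 random bytes from the OS CSPRNG for the bcrypt salt.
sub random_salt {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read($fh, my $salt, 16) == 16 or die "short read from urandom";
    close $fh;
    return $salt;
}

sub bcrypt_hash_password {
    my ($password) = @_;
    my $settings = '$2a$' . sprintf('%02d', $COST) . '$' . en_base64(random_salt());
    return bcrypt($password, $settings);
}

# Compare without an early exit on the first differing byte.
sub ct_eq {
    my ($x, $y) = @_;
    return 0 if length $x != length $y;
    my $diff = 0;
    $diff |= ord(substr $x, $_, 1) ^ ord(substr $y, $_, 1) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Returns (ok, new_hash). new_hash is defined only when the stored value was
# a legacy SHA-1 hash that just verified and must be replaced in the database.
sub verify_and_upgrade {
    my ($password, $stored) = @_;
    if ($stored =~ /^\$2a\$/) {    # already bcrypt: the hash carries its own settings
        return (ct_eq(bcrypt($password, $stored), $stored) ? 1 : 0, undef);
    }
    return (0, undef) unless ct_eq(sha1_hex($password), lc $stored);
    return (1, bcrypt_hash_password($password));
}

# Constructed sample row: a legacy hash for the password "hunter2".
my $row = sha1_hex('hunter2');
my ($ok, $new) = verify_and_upgrade('hunter2', $row);
$row = $new if $ok && defined $new;    # persist the upgraded hash
my ($ok2) = verify_and_upgrade('hunter2', $row);
print "first login ok=$ok, second login ok=$ok2, row is bcrypt=", ($row =~ /^\$2a\$/ ? 1 : 0), "\n";
```

Accounts that never log in again keep their SHA-1 hash under this scheme, so the legacy branch stays reachable until those rows are reset or expired.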