On Tue, Jan 5, 2010 at 10:21 PM, Benoit Chesneau <bchesn...@gmail.com> wrote: >> -- > There is a blowfish encryption implementation available in javascript. > doesn't bcrypt stand for "blowfish crypt" ? > http://www.openbsd.org/cgi-bin/man.cgi?query=bcrypt&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html > > fro where it has been created. > > - benoît >
Is anyone up to replace our salted hashes with a JS bcrypt implementation? If we can start supporting bcrypt for 0.11 we're less likely to have salted hash passwords hanging around *forever* from people who create user docs before 1.0. If no one else picks this up soon I'll look at it again for 1.0 Thanks, Chris -- Chris Anderson http://jchrisa.net http://couch.io