Hello, Right now I am using SHA hashed passwords in my Catalyst application (https://github.com/hippich/Bitcoin-Poker-Room). While SHA is better then MD5, I still want to migrate to Bcrypt.
I have two questions: 1) Catalyst::Authentication::Credential::Password seems to not support Bcrypt since it relies on Digest and Digest do not have Bcrypt as an option. Should I use DBIx::Class::EncodedColumn with Crypt::Eksblowfish::Bcrypt ? 2) How I should update my application to have first check against new hashing algorithm and if password returns incorrect, try old one (SHA)? Should I do it through realms, or just check password in my authentication controller directly instead? Regards, Pavel
_______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
