Thank you, Tim. I appreciate your reply.
*Uri Even-Chen* [image: photo] Phone: +972-54-3995700 Email: [email protected] Website: http://www.speedysoftware.com/uri/en/ <http://www.facebook.com/urievenchen> <http://plus.google.com/+urievenchen> <http://www.linkedin.com/in/urievenchen> <http://twitter.com/urievenchen> On Sun, Sep 4, 2016 at 9:37 PM, Tim Graham <[email protected]> wrote: > I suspect passwords were always salted and hashed, though things have > improved over the years. In particular, PBKDF2 hashing was added in Django > 1.4: > > https://docs.djangoproject.com/en/stable/releases/1.4/# > improved-password-hashing > > On Sunday, September 4, 2016 at 10:58:13 AM UTC-4, uri wrote: >> >> Thank you, Tim. Although we are using Django 1.9 and I understand that >> passwords are hashed and salted, it's interesting to know which version of >> Django was the first one to hash and salt passwords? I didn't find it >> documented there. >> >> Thanks, >> Uri. >> >> >> *Uri Even-Chen* >> [image: photo] Phone: +972-54-3995700 >> Email: [email protected] >> Website: http://www.speedysoftware.com/uri/en/ >> <http://www.facebook.com/urievenchen> >> <http://plus.google.com/+urievenchen> >> <http://www.linkedin.com/in/urievenchen> >> <http://twitter.com/urievenchen> >> >> On Fri, Sep 2, 2016 at 3:35 PM, Tim Graham <[email protected]> wrote: >> >>> Hi, >>> >>> We have fairly comprehensive documentation about passwords: >>> https://docs.djangoproject.com/en/stable/topics/auth/passwords/ >>> >>> Let us know if you have unanswered questions after reading that. >>> >>> Tim >>> >>> On Friday, September 2, 2016 at 7:35:03 AM UTC-4, uri wrote: >>>> >>>> To Django users, >>>> >>>> Did you see this article: https://nakedsecurity >>>> .sophos.com/2016/08/18/nists-new-password-rules-what-you-need-to-know/ >>>> >>>> Does Django comply with the password guidelines and from which Django >>>> version? Especially regarding the way the passwords are saved. I'm >>>> developing Speedy Net in Django and I want to make sure I can rely on >>>> Django in the way my users' passwords are saved in our database. I also >>>> increased the minimal password length to 8 characters, and removed the >>>> requirement for passwords to be alphanumeric. >>>> >>>> Thanks, >>>> Uri. >>>> >>>> *Uri Even-Chen* >>>> [image: photo] Phone: +972-54-3995700 >>>> Email: [email protected] >>>> Website: http://www.speedysoftware.com/uri/en/ >>>> <http://www.facebook.com/urievenchen> >>>> <http://plus.google.com/+urievenchen> >>>> <http://www.linkedin.com/in/urievenchen> >>>> <http://twitter.com/urievenchen> >>>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Django users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at https://groups.google.com/group/django-users. >>> To view this discussion on the web visit https://groups.google.com/d/ms >>> gid/django-users/dc7489bb-c0d4-49ff-b371-d4958b4bc2ed%40googlegroups.com >>> <https://groups.google.com/d/msgid/django-users/dc7489bb-c0d4-49ff-b371-d4958b4bc2ed%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/django-users/4ea4160b-b91e-4f69-8470-c7f88ad7c03e%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/4ea4160b-b91e-4f69-8470-c7f88ad7c03e%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAMQ2MsFyQrgV3JNc%2BUgkpKQYfhgvCFpNn2nPcZ4QZeCRpNUN9Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
