On Mon, Sep 19, 2016 at 09:35:46AM +0200, Aurelien Bompard wrote:
> I've thought about that over the weekend and I think we could just disable
> user signup by redirecting users to FAS. This way existing Persona users
> could still request a password and login, but the bulk of new users would
> just create accounts in FAS. Of course we would sill have a database with
> passwords for some users, but since (to my knowledge) former Persona users
> can't be migrated to FAS directly, I don't think we can avoid that.
> For those who had nightmares for too long with the Mailman 2 plaintext
> password storage and fear it's coming back, rest assured that the
> passwords are hashed and salted by Django. There may even be pepper and
> Thoughts, suggestions?
Thanks for the heads-up, I was wondering, do you have some order of magnitude of
how many accounts we're talking about?
Could it be possible to check how many of these people have a FAS account with
the same email? (I know I logged in on HK w/ persona a while back and I was
using the same email as is attached to my FAS account, for example).
Just to have some ideas :)
infrastructure mailing list -- firstname.lastname@example.org
To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org