bmarwell commented on issue #1022: URL: https://github.com/apache/shiro/issues/1022#issuecomment-1765098534
Hey @sam2099! Side question: @bdemers I think we talked about an upgrade path two years ago. IIRC we came to the conclusion, that the best thing an application can do is to ask users to generate new passwords (e.g. reset via email), even if they set the same password again. While it would not hurt to READ old passwords ONCE, we (Shiro) would not be able if it was still used for storage again. I think this is why support was dropped altogether. Does that help? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
