I've noticed that the default_password_compare in sql.py uses
unsalted hashes, and so I was planning to submit a patch to fix that.
I figured, however, that it might be a good idea to provide a
default_password_hasher so that users of repoze.who could just import
that into their model and have the two work in conjunction. Before I
did it, however, I wanted to make sure that there wasn't something I
Repoze-dev mailing list