Kless schrieb: > Well, it's better to give more options and that the owner developer > been who decides about the security on its application. > > It's very easy to add more safer hash algorithms.
BTW, you can already add a custom password hashing algorithm very easily to the TurboGears identity provider on a by-application basis. Have a look at the identity source here: http://trac.turbogears.org/browser/branches/1.0/turbogears/identity/__init__.py#L154 Basically, you set `identity.s[a|o]provider.encryption_algorithm` to "custom" and `identity.custom_encryption` to the dotted path of a function that creates a hash from a string. Unfortunately, this is poorly documented. Chris --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
