On Wed, Jan 28, 2009 at 5:08 PM, Florent Aide <[email protected]> wrote: > > On Wed, Jan 28, 2009 at 7:34 PM, Jorge Vargas <[email protected]> wrote: > >> to be clear, that's my point why will that won't work? why will I need >> to load tg in order to use a console script? can't we just inline that >> in the model where it should be? Just as Gustavo said simply add the 3 >> lines to the model with the sha1 and md5 commented out and the >> salted_sha1 un-commented. That will let everyone default to the most >> secure algorith, yet still allow you to go back to the less-secure >> ones in case you need to (for example old already hashed passwords) > > why not... this is in the quickstarted app and anyone willing to lower > his security (or improve it by using some difference method) could do > it easily... and this would remove quite some problems... I'm > convinced... > > +1 for Gustavo's proposal >
ok I'll make a ticket + patch. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
