Jonathan is right. I forgot to ask you also set
db.auth_user.password.validators[0].salt = False I am trying to find out if (for the same salt or no salt) you get the same hash. I suspect not. On Tuesday, 11 December 2012 18:30:46 UTC-6, Jonathan Lundell wrote: > > On 11 Dec 2012, at 4:05 PM, JoeCodeswell <[email protected]<javascript:>> > wrote: > > Dear Massimo, > > Here's the answers. > > *Can you try do this on both machines?* > > *webfaction* > > $ python web2py.py -S myappNotReally -M > web2py Web Framework > Created by Massimo Di Pierro, Copyright 2007-2012 > Version 2.2.1 (2012-10-21 16:57:04) stable > Database drivers available: SQLite(sqlite3), MySQL(pymysql), MySQL(MySQLdb > ), Pos tgreSQL(psycopg2), PostgreSQL(pg8000),IMAP > (imaplib) > Python 2.7.3 (default, Jun 11 2012, 22:26:11) > Type "copyright", "credits" or "license" for more information. > > IPython 0.12.1 > > > In [51]: webfaction = > 'pbkdf2(1000,20,sha512)$ad443a669b5729b7$b7d02805d6681f93d54e95b05611734cbdc93cf9' > > In [52]: windows = > 'pbkdf2(1000,20,sha512)$975228a4f2f27156$72e54a69f7fb6e1e0a209a45f4ca206d42ebedca' > > If you don't specify explicit (and constant) salt, CRYPT will generate a > random salt on each call. I'd expect you to get different values on each > run, not just on different systems. > --
