Thanks; Not exactly the answer I was looking for :)
On 7/3/11 1:43 PM, pbreit wrote:
They are one-way hashed and thus not decryptable. What is typically
done in this situation is 1) everyone has to re-generate a password
(not ideal) or 2) begin using the new scheme and continue to accept
old passwords for some period of time.
I'm not exactly sure how #2 would be accomplished in Web2py. I am
looking into that as well as figuring out how to implement bcrypt
since there seems to be a lot of conversation about password security
these days (http://news.ycombinator.org/item?id=2716714).
