Bug 785283 - Support increased values for PASSWORD_SALT_LENGTH without breaking compat with old hashes

[r=LpSolit a=LpSolit]
author: Reed Loden <reed@reedloden.com> 2012-12-31 22:51:11 +0100
committer: Reed Loden <reed@reedloden.com> 2012-12-31 22:51:11 +0100
commit: 4663186fdcb2ac1142d3697e27a8f67ce3c92510 (patch)
tree: fe2720a0c265ca480cb425b83ff6585ec081df65 /Bugzilla/Constants.pm
parent: a9fb9c4b84b21f01a9bfea6eea13ee1b27435ca6 (diff)
download: bugzilla-4663186fdcb2ac1142d3697e27a8f67ce3c92510.tar.gz
bugzilla-4663186fdcb2ac1142d3697e27a8f67ce3c92510.tar.xz
1 files changed, 3 insertions, 3 deletions
diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index 5af171878..8410ae46a 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -567,10 +567,10 @@ use constant MAX_QUIP_LENGTH => 512;
 # This is the name of the algorithm used to hash passwords before storing
 # them in the database. This can be any string that is valid to pass to
 # Perl's "Digest" module. Note that if you change this, it won't take
-# effect until a user changes his password.
+# effect until a user logs in or changes his password.
 use constant PASSWORD_DIGEST_ALGORITHM => 'SHA-256';
-# How long of a salt should we use? Note that if you change this, none
-# of your users will be able to log in until they reset their passwords.
+# How long of a salt should we use? Note that if you change this, it
+# won't take effect until a user logs in or changes his password.
 use constant PASSWORD_SALT_LENGTH => 8;
 
 # Certain scripts redirect to GET even if the form was submitted originally
author	Reed Loden <reed@reedloden.com>	2012-12-31 22:51:11 +0100
committer	Reed Loden <reed@reedloden.com>	2012-12-31 22:51:11 +0100
commit	4663186fdcb2ac1142d3697e27a8f67ce3c92510 (patch)
tree	fe2720a0c265ca480cb425b83ff6585ec081df65 /Bugzilla/Constants.pm
parent	a9fb9c4b84b21f01a9bfea6eea13ee1b27435ca6 (diff)
download	bugzilla-4663186fdcb2ac1142d3697e27a8f67ce3c92510.tar.gz bugzilla-4663186fdcb2ac1142d3697e27a8f67ce3c92510.tar.xz