From 4663186fdcb2ac1142d3697e27a8f67ce3c92510 Mon Sep 17 00:00:00 2001
From: Reed Loden <reed@reedloden.com>
Date: Mon, 31 Dec 2012 13:51:11 -0800
Subject: Bug 785283 - Support increased values for PASSWORD_SALT_LENGTH
 without breaking compat with old hashes [r=LpSolit a=LpSolit]

---
 Bugzilla/Constants.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'Bugzilla/Constants.pm')

diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index 5af171878..8410ae46a 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -567,10 +567,10 @@ use constant MAX_QUIP_LENGTH => 512;
 # This is the name of the algorithm used to hash passwords before storing
 # them in the database. This can be any string that is valid to pass to
 # Perl's "Digest" module. Note that if you change this, it won't take
-# effect until a user changes his password.
+# effect until a user logs in or changes his password.
 use constant PASSWORD_DIGEST_ALGORITHM => 'SHA-256';
-# How long of a salt should we use? Note that if you change this, none
-# of your users will be able to log in until they reset their passwords.
+# How long of a salt should we use? Note that if you change this, it
+# won't take effect until a user logs in or changes his password.
 use constant PASSWORD_SALT_LENGTH => 8;
 
 # Certain scripts redirect to GET even if the form was submitted originally
-- 
cgit v1.2.3-24-g4f1b