[ci skip] Add a note about password storage in CI_Encryption docs

I saw at least 2 occurrences of encryption instead of hashing being used for password storage during the past week ...
author: Andrey Andreev <narf@devilix.net> 2015-03-11 17:57:00 +0100
committer: Andrey Andreev <narf@devilix.net> 2015-03-11 17:57:00 +0100
commit: 4fa5c4d30057525c9d16cf583aabbb5e6f8bb8bb (patch)
tree: b76cde9229ebbc814cf4d6b0e3b6d6786ab1d696 /user_guide_src/source/libraries
parent: 0b1fd2cb717d217278b025e49d97819289600a9b (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst
index 5f0979da7..0c347604c 100644
--- a/user_guide_src/source/libraries/encryption.rst
+++ b/user_guide_src/source/libraries/encryption.rst
@@ -2,6 +2,11 @@
 Encryption Library
 ##################
 
+.. important:: DO NOT use this or any other *encryption* library for
+	user password storage! Passwords must be *hashed* instead, and you
+	should do that via PHP's own `Password Hashing extension
+	<http://php.net/password>`_.
+
 The Encryption Library provides two-way data encryption. To do so in
 a cryptographically secure way, it utilizes PHP extensions that are
 unfortunately not always available on all systems.
author	Andrey Andreev <narf@devilix.net>	2015-03-11 17:57:00 +0100
committer	Andrey Andreev <narf@devilix.net>	2015-03-11 17:57:00 +0100
commit	4fa5c4d30057525c9d16cf583aabbb5e6f8bb8bb (patch)
tree	b76cde9229ebbc814cf4d6b0e3b6d6786ab1d696 /user_guide_src/source/libraries
parent	0b1fd2cb717d217278b025e49d97819289600a9b (diff)