mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
73bd2e4479
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string * this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation * additionally bumped the minimum required salt length to 8 as per reference spec * additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32) * see docs: * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10 * https://github.com/P-H-C/phc-winner-argon2 * https://github.com/P-H-C/phc-string-format * encode all salts * fix edge case of false positive in CheckPassword * bump crypt version and fix tests |
||
---|---|---|
.. | ||
authentication | ||
notifier | ||
storage | ||
access-control.md | ||
duo-push-notifications.md | ||
google-analytics.md | ||
index.md | ||
miscellaneous.md | ||
one-time-password.md | ||
regulation.md | ||
secrets.md | ||
server.md | ||
session.md |