I’ve committed code changes which break backward compatibility with old data… specifically the passhash facet of account elements. As of the 2010-06-17 23:49:58 UTC commit, passhash now uses a BSD-Unix-passwd-like encoding which embeds a hash algorithm index, ability to specify multiple iteration rounds, and a randomly-generated salt. The old format, a simple, one-round MD5 hexdigest with an implicit salt of the account’s name facet, can be converted to the new format using the password.upgrade_legacy_hash function.

Leave a Reply

You must be logged in to post a comment.