Added note to releases/1.4.txt about contrib.auth user password hash-upgrade…

Added note to releases/1.4.txt about contrib.auth user password hash-upgrade sequence. Thanks, ericholscher git-svn-id: http://code.djangoproject.com/svn/django/trunk@17687 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Added note to releases/1.4.txt about contrib.auth user password hash-upgrade…
Added note to releases/1.4.txt about contrib.auth user password hash-upgrade sequence. Thanks, ericholscher git-svn-id: http://code.djangoproject.com/svn/django/trunk@17687 bcc190cf-cafb-0310-a4f2-bffc1f526a37
ebc6fc93 · Adrian Holovaty · dd246a62 · ebc6fc93
Kaydet (Commit) ebc6fc93 authored Mar 12, 2012 tarafından Adrian Holovaty
Show whitespace changes
Inline Side-by-side

Showing with 11 additions and 0 deletions

1.4.txt docs/releases/1.4.txt +11 -0

No files found.
--- a/docs/releases/1.4.txt
+++ b/docs/releases/1.4.txt
@@ -777,6 +777,17 @@ instance:
  * Time period: The amount of time you expect user to take filling out
    such forms.
+* ``contrib.auth`` user password hash-upgrade sequence
+  * Consequences: Each user's password will be updated to a stronger password
+    hash when it's written to the database in 1.4. This means that if you
+    upgrade to 1.4 and then need to downgrade to 1.3, version 1.3 won't be able
+    to read the updated passwords.
+  * Remedy: Set :setting:`PASSWORD_HASHERS` to use your original password
+    hashing when you initially upgrade to 1.4. After you confirm your app works
+    well with Django 1.4 and you won't have to roll back to 1.3, enable the new
+    password hashes.
 django.contrib.flatpages
 ~~~~~~~~~~~~~~~~~~~~~~~~