mirror of
https://github.com/kd2org/picodav.git
synced 2024-05-17 21:46:33 +02:00
clarify password hashing
Code hashes (a best practice) passwords rather than encrypting them.
This commit is contained in:
parent
706c7ce880
commit
dd83f184a9
|
@ -71,9 +71,9 @@ password = verySecret
|
||||||
write = true
|
write = true
|
||||||
```
|
```
|
||||||
|
|
||||||
Note that PicoDAV will replace this password with an encrypted version the next time it is accessed, don't worry about that, this is for extra safety, just in case the `.picodav.ini` is accessed by a hacker if you made mistake in your web server configuration.
|
Note that PicoDAV will replace this password with a hashed version the next time it is accessed, don't worry about that, this is for extra safety, just in case the `.picodav.ini` is accessed by a hacker if you made mistake in your web server configuration.
|
||||||
|
|
||||||
Here is an example of the password once it has been encrypted:
|
Here is an example of the password once it has been hashed:
|
||||||
|
|
||||||
```
|
```
|
||||||
password = '$2y$10$fbdabTjNPN3gMAUlaSEoR.kKHLnh0yMGneuJ7P2AOhSSNr8gUaCPu'
|
password = '$2y$10$fbdabTjNPN3gMAUlaSEoR.kKHLnh0yMGneuJ7P2AOhSSNr8gUaCPu'
|
||||||
|
|
Loading…
Reference in a new issue