VSinerva/csb-project-1
Archived
1
0
Fork 0
Code Activity

Add flaw 2: weak hashing

Browse source
This commit is contained in:
Vili Sinervä 2024-11-25 17:48:27 +02:00
parent e8f671d66e
commit 0d8bedf002
No known key found for this signature in database
GPG key ID: DF8FEAF54EFAC996
2 changed files with 21 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
project/settings.py
View file

@ -103,6 +103,14 @@ AUTH_PASSWORD_VALIDATORS = [
},
]
PASSWORD_HASHERS = [
# FLAW 2:
# Changing to one of the far safer hashing algorithms commented out below would fix the issue
# 'django.contrib.auth.hashers.Argon2PasswordHasher',
# 'django.contrib.auth.hashers.PBKDF2PasswordHasher',
'django.contrib.auth.hashers.UnsaltedMD5PasswordHasher',
]
# Internationalization
# https://docs.djangoproject.com/en/3.2/topics/i18n/