[ic] [interchange] Add back 'UserDB ui crypt' setting
Peter
peter at pajamian.dhs.org
Thu Nov 19 21:09:46 UTC 2015
On 11/20/2015 03:16 AM, Josh Lavin wrote:
> Quoting Peter (peter at pajamian.dhs.org):
>> On 11/19/2015 11:28 AM, Josh Lavin wrote:
>>> UserDB ui database access
>>> +UserDB ui crypt 1
>>> UserDB ui bcrypt 1
>>> UserDB ui promote 1
>>> UserDB ui cost 13
>>
>> This change should not be needed, crypt is implied by bcrypt. Did you
>> have some issue with just bcrypt set?
>
> I was told crypt was also necessary. It seems to work either way in the
> Admin
It's not required and documentation shows not to use it:
> + Example usage: if my "ui" profile is configured with
> "crypt" (as it is by default), I have crypt() passwords in
> the access table:
>
> UserDB ui crypt 1
>
> I first change and promote to bcrypt by replacing the above
> with:
>
> UserDB ui promote 1
> UserDB ui bcrypt 1
> UserDB ui bcrypt_pepper {some reasonably long random string}
> -- however, in the catalog, I found crypt to be necessary.
My own usage never required it for userdb either, what happened that
made you think it's required?
Peter
More information about the interchange-users
mailing list