From 18feccd87565dfac117e180376ba67b08f97a27f Mon Sep 17 00:00:00 2001 From: Stian Thorgersen Date: Mon, 13 Jun 2016 13:25:08 +0200 Subject: [PATCH] Update topics/authentication/password-policies.adoc --- topics/authentication/password-policies.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/topics/authentication/password-policies.adoc b/topics/authentication/password-policies.adoc index 7bdfcf362c..ceb4fb076f 100644 --- a/topics/authentication/password-policies.adoc +++ b/topics/authentication/password-policies.adoc @@ -29,13 +29,13 @@ Update Password required action other than setting it manually for every user. Here's an explanation of each policy type: +{% if book.community %} HashAlgorithm:: Passwords are not stored as clear text. Instead they are hashed using standard hashing algorithms before they are stored or validated. - {% if book.community %} The only built-in and default algorithm available is PBKDF2. See the link:{{book.developerguide.link}}[{{book.developerguide.name}}] on how to plug in your own algorithm. Note that if you do change the algorithm, password hashes will not change in storage until the next time the user logs in. - {% endif %} +{% endif %} HashIterations:: This value specifies the number of times a password will be hashed before it is stored or verified. The default value is 20,000. This hashing is done in the rare case that a hacker gets access to your password database. Once they have the database