Update topics/authentication/password-policies.adoc

This commit is contained in:
Stian Thorgersen 2016-06-13 13:25:08 +02:00
parent bcb3a0e1c4
commit 18feccd875

View file

@ -29,13 +29,13 @@ Update Password required action other than setting it manually for every user.
Here's an explanation of each policy type:
{% if book.community %}
HashAlgorithm::
Passwords are not stored as clear text. Instead they are hashed using standard hashing algorithms before they are stored or validated.
{% if book.community %}
The only built-in and default algorithm available is PBKDF2. See the link:{{book.developerguide.link}}[{{book.developerguide.name}}]
on how to plug in your own algorithm. Note that if you do change the algorithm, password hashes will not change in storage until
the next time the user logs in.
{% endif %}
{% endif %}
HashIterations::
This value specifies the number of times a password will be hashed before it is stored or verified. The default value is 20,000.
This hashing is done in the rare case that a hacker gets access to your password database. Once they have the database