Update topics/authentication/password-policies.adoc

This commit is contained in:
Stian Thorgersen 2016-06-13 13:26:07 +02:00
parent 18feccd875
commit 94ebfd0a2b

View file

@ -36,6 +36,11 @@ HashAlgorithm::
on how to plug in your own algorithm. Note that if you do change the algorithm, password hashes will not change in storage until
the next time the user logs in.
{% endif %}
{% if book.product %}
HashAlgorithm::
Passwords are not stored as clear text. Instead they are hashed using standard hashing algorithms before they are stored or validated.
The only currently supported algorithm is PBKDF2.
{% endif %}
HashIterations::
This value specifies the number of times a password will be hashed before it is stored or verified. The default value is 20,000.
This hashing is done in the rare case that a hacker gets access to your password database. Once they have the database