Changes

Jump to: navigation, search

WebAppSec/Secure Coding Guidelines

4 bytes added, 21:33, 19 January 2011
Migration
Migration Hash = sha512(perUserSalt + md5(user supplied password))
2. If authentication via migration hash is successful:
 
- Use the user's provided password and calculate the New Hash per the algorithm defined above.
 
- Overwrite the Migration Hash with the New Hash
 
3. If authentication via migration hash is NOT successful:
 
- The user may already be on the New Hash. Attempt to directly authenticate using the new hash. If this fails, then the password provided by the user is wrong.
Confirm
491
edits

Navigation menu