Passwords are stored as sha1 and pbkdf2_sha256

Question

Passwords are stored as sha1 and pbkdf2_sha256

I have a django table auth_user

and for some reason some of the access codes are stored like sha1$...

others pbkdf2_sha256$...

. I don't see any rhymes or reasons for this - what is the difference between the two and why would some be kept as one version and others as others?

+3

python django

David542 09 Apr 12 at 5:12 am

source to share

1 answer

Andrew Gorcester · Accepted Answer · 2012-04-09T05:15:10+0000

Perhaps you have upgraded from Django 1.3 to Django 1.4 keeping user data intact? Django 1.4 introduced a new, more secure hash for storing passwords, but should still be backward compatible with older hashes as far as I know.

Passwords are stored as sha1 and pbkdf2_sha256

More articles: