finn/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one (#14673)

Browse source 
* Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one

* Add a warning on document
This commit is contained in:
Lunny Xiao 2021-02-14 01:03:29 +08:00 committed by GitHub
parent ed834126a6
commit 5e4fa7c703
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
custom/conf/app.example.ini
View file

@ -565,7 +565,7 @@ ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET = true
;Classes include "lower,upper,digit,spec"
PASSWORD_COMPLEXITY = off
; Password Hash algorithm, either "argon2", "pbkdf2", "scrypt" or "bcrypt"
PASSWORD_HASH_ALGO = argon2
PASSWORD_HASH_ALGO = pbkdf2
; Set false to allow JavaScript to read CSRF cookie
CSRF_COOKIE_HTTP_ONLY = true
; Validate against https://haveibeenpwned.com/Passwords to see if a password has been exposed