A million guides preaching to use bcrypt instead of SHA1, not one with procedures to increase cost as time passes. Am I missing something?
@triskweline Yes. You wait until someone tries to log in and if they succeed re-save their password with a higher factor.
-
-
@patio11 Thanks. I expected to see something like that in Clearance (an auth lib we use) and was surprised I couldn't find it in the code.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.