On Mon, 2009-03-30 at 12:50 +1100, Joshua Partogi wrote: > Hi all, > > I tried saving the password data with this function > > import hashlib > hashlib.md5( new_member.password ).hexdigest() > > but when I log in again with that password it doesnt work.
A number of problems here. Firstly, Django uses SHA1 as the default hashing algorithm. Secondly, you haven't accounted for including any salt in the password hash (which make the task of dictionary attacks much harder). The correct way to set a user's password is to call the set_password() method on the user object. You pass in the plaintext password and set_password() does the necessary hashing. Regards, Malcolm --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
