Merge pull request #1112 from mrkkrp/minor-auth-tweaks

Minor auth tweaks
2015-12-03 23:19:20 +02:00 · 2015-12-03 23:19:20 +02:00 · ae04cca639
commit ae04cca639
parent adc802d644 1976e90be9
2 changed files with 2 additions and 2 deletions
--- a/yesod-auth/Yesod/Auth/Email.hs
+++ b/yesod-auth/Yesod/Auth/Email.hs
@ -549,7 +549,7 @@ saltLength = 5
 -- | Salt a password with a randomly generated salt.
 saltPass :: Text -> IO Text
 saltPass = fmap (decodeUtf8With lenientDecode)
-         . flip PS.makePassword 14
+         . flip PS.makePassword 16
         . encodeUtf8

 saltPass' :: String -> String -> String
--- a/yesod-auth/Yesod/PasswordStore.hs
+++ b/yesod-auth/Yesod/PasswordStore.hs
@ -38,7 +38,7 @@
 -- > >>> makePassword "hunter2" 14
 -- > "sha256|14|Zo4LdZGrv/HYNAUG3q8WcA==|zKjbHZoTpuPLp1lh6ATolWGIKjhXvY4TysuKvqtNFyk="
 --
-- This will hash the password @\"hunter2\"@, with strength 12, which is a good
+-- This will hash the password @\"hunter2\"@, with strength 14, which is a good
 -- default value. The strength here determines how long the hashing will
 -- take. When doing the hashing, we iterate the SHA256 hash function
 -- @2^strength@ times, so increasing the strength by 1 makes the hashing take