mirror of
https://github.com/home-assistant/core
synced 2024-10-07 10:13:38 +02:00
bacecb4249
* Replace pbkdf2 with bcrypt bcrypt isn't inherently better than pbkdf2, but everything "just works" out of the box. * the hash verification routine now only computes one hash per call * a per-user salt is built into the hash as opposed to the current global salt * bcrypt.checkpw() is immune to timing attacks regardless of input * hash strength is a function of real time benchmarks and a "difficulty" level, meaning we won't have to ever update the iteration count * WIP: add hash upgrade mechanism * WIP: clarify decode issue * remove stale testing code * Fix test * Ensure incorrect legacy passwords fail * Add better invalid legacy password test * Lint * Run tests in async scope |
||
---|---|---|
.. | ||
mfa_modules | ||
providers | ||
__init__.py | ||
auth_store.py | ||
const.py | ||
models.py | ||
util.py |