Date: 2020-09-15
Date: 2020-09-15
:pbkdf2+sha3_256
alias.Date: 2019-06-28
Date: 2017-08-29
Date: 2017-01-24
Date: 2016-11-15
Date: 2016-09-01
Date: 2016-04-09
Date: 2016-03-27
Date: 2016-03-26
encrypt
function becomes derive
(backward compatibile change).Date: 2016-01-23
:algorithm
parameter is now removed (:alg
should be used).:sha256
and :md5
hashers are removed.Date: 2016-01-06
Date: 2015-11-28
Date: 2015-11-09
Important notes:
encrypt
function now selects a random algorithm from recommended
algorithms list instead to have default one. This enables to have additional
security layer having more than one algorithm to be broken for recover
all passwords. This behavior is different from previous one and you should
care about it. If you want the previous behavior, just preselect the
prefered cipher passing it explicitly to the encrypt
function.bcrypt+sha512
hasher strength is improved.
The previous algorithm is still available for password checking only and
password update setter will be triggered if password with old algorithm
is used for checking process.pbkdf2+sha256
hasher strength is improved.
A little weakness is discovered in the implementation that decreases the hash
security from 256 bits to 160 bits (output truncation). This means that
the old password are at least secure as pbkdf2+sha1
, that is still
condsidered secure and widele employed (besides, the sha256 hash output
truncated to 160 bits is more secure than sha1, so you don't be worried
about that).
The hasher algorithm is backward compatible and if you are using the builtin
helpers for password upgrading it will be automatically triggered if old
version of password is checked.Other changes:
pbkdf2+sha3_256
is renamed to pbkdf2+sha3-256
. This is a backward
compatible change because the previous alias is still conserved until the next
release.md5
and sha256
hashers has been deprecated and will be removed in the
next version.:pbkdf2+blake2b-512
hasher as part of the recommended password hashers.:pbkdf2+sha512
hasher as part of the recommended password hashers.:bcrypt+sha384
hasher (for some one that does not like use blake2b-512).:algorithm
parameter is deprecated in favor of the shorter :alg
.Date: 2015-10-31
Date: 2015-09-19
Date: 2015-06-28
Date: 2015-06-15
check
function is now null pointer safe.Date: 2015-04-03
Date: 2015-03-14
Date: 2015-02-22
Date: 2015-01-18
Can you improve this documentation?Edit on GitHub
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close