Jan Stępień 95f0f71441 Hash passwords with BCrypt instead of SHA1 ... BCrypt is regarded as a more secure alternative to hashing using message digest algorithms, such as MD5 and SHA families [0, 1, 2]. Apart from built-in salting it is adaptable to the increasing power of modern processing units, which makes it more secure against brute-force cracking. This commit makes all passwords hashed using BCrypt. The session tokens remain generated using SHA1. Tests were updated, `rake test:units` and `rake test:functionals` didn't report any regressions. [0] http://bcrypt.sourceforge.net/ [1] http://en.wikipedia.org/w/index.php?title=Bcrypt&oldid=439692871 [2] eab1c72/README.md		2011-09-07 16:05:52 +02:00
..
apis	fix #857 and further refactoring for better done view	2011-07-09 17:21:34 +02:00
controllers	fix #922. You can now mark a todo complete from the tickler. Also fixed some small aasm corner cases found by this change	2011-08-18 17:15:00 +02:00
helpers	improve tests for preferences and fix a pending cucumber step	2011-08-19 12:51:06 +02:00
models	Hash passwords with BCrypt instead of SHA1	2011-09-07 16:05:52 +02:00
views	fix #922. You can now mark a todo complete from the tickler. Also fixed some small aasm corner cases found by this change	2011-08-18 17:15:00 +02:00