
Allow hashers to side-grade hashes across cost settings

Authored by epriestley <git@epriestley.com> on Feb 18 2014, 20:52.

Description

Allow hashers to side-grade hashes across cost settings

Summary:
Ref T4443. In addition to performing upgrades from, e.g., md5 -> bcrypt, also allow sidegrades from, e.g., bcrypt(cost=11) to bcrypt(cost=12). This allows us to, for example, bump the cost function every 18 months and stay on par with Moore's law, on average.

I'm also allowing "upgrades" which technically reduce cost, but this seems like the right thing to do (i.e., generally migrate password storage so it's all uniform, on average).

Test Plan:

  • Fiddled the bcrypt cost function and saw appropriate upgrade UI, and upgraded passwords upon password change.
  • Passwords still worked.
  • Around cost=13 or 14 things start getting noticeably slow, so bcrypt does actually work. Such wow.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4443

Differential Revision: https://secure.phabricator.com/D8271
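
The login-time migration described in the summary, as an added example that is not part of this commit or Phabricator's hasher classes: it reads the cost out of a stored bcrypt string and rehashes when the cost differs from the target in either direction. The function names, the target cost of 12 and the bare-md5 legacy format are assumptions made for illustration.

```php
<?php
// Added example; all names here are hypothetical, not Phabricator's API.
const TARGET_COST = 12; // assumed current policy value

// Return the cost of a bcrypt string such as "$2y$11$...", or null if the
// value is not bcrypt (22-char salt + 31-char digest = 53 chars after the cost).
function bcrypt_cost(string $stored): ?int {
  if (preg_match('#^\$2[abxy]\$(\d{2})\$[./A-Za-z0-9]{53}$#', $stored, $m)) {
    return (int)$m[1];
  }
  return null;
}

// 'upgrade'   = different algorithm (e.g. md5 -> bcrypt)
// 'sidegrade' = same algorithm, different cost (higher OR lower than target)
// 'current'   = nothing to do
function migration_kind(string $stored, int $target): string {
  $cost = bcrypt_cost($stored);
  if ($cost === null) {
    return 'upgrade';
  }
  return ($cost === $target) ? 'current' : 'sidegrade';
}

// Verify a login and return [ok, hash_to_store]. Rehashing needs the
// plaintext, so it can only happen on a successful login or password change.
function login(string $password, string $stored, int $target): array {
  $ok = (bcrypt_cost($stored) === null)
    ? hash_equals($stored, md5($password)) // constructed legacy format
    : password_verify($password, $stored);
  if ($ok && migration_kind($stored, $target) !== 'current') {
    $stored = password_hash($password, PASSWORD_BCRYPT, ['cost' => $target]);
  }
  return [$ok, $stored];
}

// Constructed sample records, all for the password "hunter2".
$records = ['legacy md5' => md5('hunter2')];
foreach ([11, 12, 13] as $c) {
  $records["cost $c"] = password_hash('hunter2', PASSWORD_BCRYPT, ['cost' => $c]);
}
foreach ($records as $label => $stored) {
  $kind = migration_kind($stored, TARGET_COST);
  [$ok, $new] = login('hunter2', $stored, TARGET_COST);
  printf("%-10s %-9s ok=%s stored cost is now %d\n",
    $label, $kind, var_export($ok, true), bcrypt_cost($new));
}
```

Each step in bcrypt cost doubles the work, which is why a one-step bump on a fixed schedule tracks the doubling the summary refers to.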

Details

Committed
epriestley <git@epriestley.com>, Feb 18 2014, 23:09
Pushed
aubort, Jan 31 2017, 17:16
Parents
rPH580bcd0d2be4: Implement bcrypt hasher, transparent login upgrade, and explicit upgrade for…
Branches
Unknown
Tags
Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPH5c84aac9089a: Allow hashers to side-grade hashes across cost settings (authored by epriestley <git@epriestley.com>). Feb 18 2014, 23:09