Source

django-scrypt / README.rst

Diff from to

File README.rst

 
 .. warning::
 
+   The encoded hash format has changed. This change is backwards
+   incompatible. Please read the notice in the Caveat section.
+
+.. warning::
+
    This is alpha software under active development. It was tested only
    on **Python 2.7**. It probably will not run on Python 2.5 since
    ``py-scrypt`` doesn't run on interpreters earlier than Python 2.6.
 
    http://pypi.python.org/pypi/django-scrypt/
 
-2. Decompress it and make it your working directory
+2. Decompress it and make it your working directory::
 
-   ``$ tar zxvf django-scrypt-0.1.1.tar.gz``
-   ``$ cd django-scrypt-0.1.1``
+   $ tar zxvf django-scrypt-0.2.0.tar.gz
+   $ cd django-scrypt-0.2.0
 
 3. Install it into your site-packages (if you install to the system's site
-packages you will probably need to be root or use ``sudo``)
+packages you will probably need to be root or to use ``sudo``)
 
    ``$ python setup.py install``
 
 
    ``$ pip install django-scrypt``
 
-If you are installing to the system-wide site-packages then you will probably need to be root or use ``sudo``.
+If you are installing to the system-wide site-packages then you will probably need to be root or to use ``sudo``.
 
 Basic Usage
 ===========
 
 To use Scrypt as your default password storage algorithm in Django 1.4,
 install it and make the following changes. In your Django 1.4 application
-*settings.py* file, modify (or add) the ``PASSWORD_HASHERS`` tuple to include
-``ScryptPasswordHasher`` as the first hasher in the tuple. It needs to be at
-the top.
+*settings.py* file, modify (or add it if it is missing) the
+``PASSWORD_HASHERS`` tuple to include ``ScryptPasswordHasher`` as the first
+hasher in the tuple. It needs to be at the top.
 
 For example::
 
     'django.contrib.auth.hashers.CryptPasswordHasher',
   )
 
-Note: You need to keep the other hasher entries in this list, or else Django
+Note: You need to keep the other hasher entries in this list or else Django
 won't be able to upgrade the passwords!
 
 You have now changed your app to use Scrypt as the default storage algorithm.
 Caveat
 ======
 
+Hash Format Change N Removed
+----------------------------
+
+In an attempt to shorten the length of the encoded hash, I removed the
+N-value and replaced it with an N-exponent value named Nexp. The reason for
+this is that N must be a power of two {2, 4, 6, ... 16384, etc...} and those
+digits take up room in a 128 character hash storage space. It makes more sense
+to me to store the exponent and just make the actual integer on the fly.
+
+``N == 16384 == 2 ** 14 therefore Nexp == 14``
+
+The bad news is that this introduces a backward incompatible change.
+
 Django Password Field Character Length Limits
 ---------------------------------------------