If I increase the bcrypt cost do I have to rehash the users password already registered?

后端 未结 2 692
太阳男子
太阳男子 2021-01-22 03:14

I\'m just digging into Symfony2 and just got my own user-provider running. ATM I use brypt with a cost of 12. If I now increase the cost, bcrypt should rehash the password again

2条回答
  •  小蘑菇
    小蘑菇 (楼主)
    2021-01-22 04:08

    You can change the cost in any moment because as you can read in the official symfony2 docs you don't need to rehash the old passwords because they are automatically handled with the old cost (and if you want you can force the users in the future to change their password like happens in many large sites).

提交回复
热议问题