salt 'n' pepper

[go4ble]

our passwords are lacking flavor

[awdavies]

I think (though don't get me wrong) that django salts and peppers the passwords (as well as all the general hashing) by itself. I'm not sure about SSL stuff, though, as I haven't looked into it.

[go4ble]

if we use django's auth system, then all of that stuff is taken care of. if we implement it ourselves, not so much. do you have any preference?

[awdavies]

it looks like we're going with django's implementation (however this may not end up happening depending on whether or not we can successfully extend the default auth.User class).

[awdavies]

This is now implemented! yay!