Closed r-a-y closed 6 years ago
Actually it's scrypt
not bcrypt
. I had the same dilemmas as you and settled with doing it manually same as you did.
I think possibility of recreating password with same revision number can be added for easier transition. Increasing revison number for every password would make password recovery harder.
Yes, I am aware of this being awkward. Trouble is, with most sites changing your password requires both passwords to be used. So if the password is simply replaced, you need to fill in the "current password" field before doing it. Do you think people will get this right?
The following would be easily doable:
What do you think?
Yeah, I think above should be fine.
I added this functionality now, it will be part of the 2.0.1 release which will hopefully get out today.
New changes work great. Thanks for implementing!
Congrats on the new v2.0 release.
v2.0 uses
bcryptscrypt for passwords. For those of us that have been using since v1.0, I'm finding it a little difficult to change my passwords over.Clicking on the "Generate new password for this user name" link works, but I cannot use the same revision number as before because pFp will not let me do so. Does the revision number matter in instances where we are attempting to change over to v2.0?
Right now, in order to start fresh, I'm removing the previous v1.x password and recreating the password with the new algorithm. But, this increases the amount of steps I need to make.
Would appreciate what the recommended workflow is.