projects / catagits/Catalyst-Manual.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw (from parent 1: bd8307d)
Add comment about salt
Kennedy Clark [Sat, 28 Feb 2009 21:14:51 +0000 (21:14 +0000)]
lib/Catalyst/Manual/Tutorial/Authentication.pod patch | blob | blame | history

diff --git a/lib/Catalyst/Manual/Tutorial/Authentication.pod b/lib/Catalyst/Manual/Tutorial/Authentication.pod
index 26faef3..0410643 100644 (file)
--- a/lib/Catalyst/Manual/Tutorial/Authentication.pod
+++ b/lib/Catalyst/Manual/Tutorial/Authentication.pod
@@ -633,7 +633,9 @@ using a SHA-1 hash. If you are concerned about cleartext passwords
 between the browser and your application, consider using SSL/TLS, made
 easy with the Catalyst plugin Catalyst::Plugin:RequireSSL.  You should
 also consider adding a "salt" mechanism to your hashed passwords to 
-mitigate the risk of a "rainbow table" crack against your passwords.
+mitigate the risk of a "rainbow table" crack against your passwords (see
+L<Catalyst::Authentication::Credential::Password|Catalyst::Authentication::Credential::Password>
+for more information on using a salt value).
 
 
 =head2 Get a SHA-1 Hash for the Password
Unnamed repository; edit this file 'description' to name the repository.