Removing SHA1 passwords from RubyGems.org

When the RubyGems.org Rails app was created in 2009, the “standard” way to store passwords was to use the SHA1 hashing algorithm. While there were limited academic attacks against SHA1 published as early as 2005, practical attacks didn’t arrive until the mid-2010s. Today, SHA1 is widely considered insecure, and there are much better options available.

RubyGems.org switched to using BCrypt by default for new accounts in 2013. As part of that switch, users from before 2013 are automatically migrated from SHA1 to BCrypt the next time they log in. In the coming days, RubyGems.org will be removing the remaining SHA1 passwords for any user who has not logged in to their account since 2013.
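The migrate-on-login pattern described above, followed by the purge of hashes that were never migrated, as an added sketch that is not RubyGems.org's code. The `User` fields, the salt layout and the sample accounts are assumptions, and PBKDF2 from Ruby's bundled OpenSSL stands in for BCrypt so the block runs without extra gems.

```ruby
require "digest"
require "openssl"
require "securerandom"

# Hypothetical user record; field names are assumptions, not RubyGems.org's schema.
User = Struct.new(:name, :scheme, :salt, :digest, keyword_init: true)

PBKDF2_ITERATIONS = 100_000 # stand-in work factor; the real site uses BCrypt

# Assumed legacy format: hex SHA1 over salt followed by password.
def legacy_sha1(password, salt)
  Digest::SHA1.hexdigest("#{salt}#{password}")
end

def strong_hash(password, salt)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: PBKDF2_ITERATIONS,
                           length: 32, hash: "sha256").unpack1("H*")
end

# Constant-time comparison so the check does not leak how many bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Verify a login; a successful login against a legacy hash re-hashes the password.
def authenticate(user, password)
  return false if user.digest.nil? # legacy hash was purged: password reset required
  legacy = user.scheme == :sha1
  expected = legacy ? legacy_sha1(password, user.salt) : strong_hash(password, user.salt)
  return false unless secure_equal?(expected, user.digest)
  if legacy # the plaintext is only available now, so this is the moment to upgrade
    user.salt = SecureRandom.hex(16)
    user.digest = strong_hash(password, user.salt)
    user.scheme = :pbkdf2
  end
  true
end

# Remove legacy hashes that were never migrated; returns the number of accounts affected.
def purge_legacy!(users)
  users.select { |u| u.scheme == :sha1 && u.digest }.each { |u| u.digest = nil }.size
end

# Constructed sample accounts, both still on the legacy scheme.
def sample_users
  %w[alice bob].map do |n|
    salt = SecureRandom.hex(8)
    User.new(name: n, scheme: :sha1, salt: salt, digest: legacy_sha1("pw-#{n}", salt))
  end
end
```

After the purge, an account that never logged in has no stored hash at all, so a leaked database copy contains nothing SHA1-crackable for it and the owner regains access only through a password reset.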

Nezir Zahirovic

Contractor Ruby On Rails (8+ years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)
