by akerl_ 4506 days ago
Except that for some people, you only have a SHA1 hash, and for others, you only have an scrypt hash. Since they (I hope) weren't storing the plaintext (pre-hash) passwords alongside the hashed versions, the only time they can change the initial hashing mechanism is when passwords are provided to them during a password change or user login.
1 comment

Hash all the sha1 passwords with scrypt. Hash all new passwords with sha1 then scrypt.

Your new hash mechanism is sha1 then scrypt.

There is no excuse to do otherwise :)
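
The scheme described in the reply above, sketched as an added example that is not part of the thread: existing SHA1 digests are wrapped with scrypt in one offline pass, and every later login or password change computes SHA1 and then scrypt. It assumes the legacy hashes are unsalted SHA1 of the UTF-8 password; the record layout, function names and scrypt cost parameters are hypothetical.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters for this sketch; tune them for your hardware.
SCRYPT = dict(n=2**14, r=8, p=1, maxmem=64 * 1024 * 1024, dklen=32)

def legacy_sha1(password):
    """The old scheme, assumed here to be unsalted SHA1 of the UTF-8 password."""
    return hashlib.sha1(password.encode("utf-8")).digest()

def wrap(sha1_digest, salt=None):
    """scrypt over an existing SHA1 digest, so no plaintext is needed."""
    salt = salt or os.urandom(16)  # fresh per-user salt
    return {"scheme": "sha1+scrypt", "salt": salt,
            "hash": hashlib.scrypt(sha1_digest, salt=salt, **SCRYPT)}

def migrate(users):
    """One-off offline pass: replace every bare SHA1 record with its wrapped form."""
    for name, rec in users.items():
        if rec["scheme"] == "sha1":
            users[name] = wrap(rec["hash"])

def set_password(users, name, password):
    """New and changed passwords go through the same SHA1-then-scrypt path."""
    users[name] = wrap(legacy_sha1(password))

def verify(users, name, password):
    rec = users.get(name)
    if rec is None or rec["scheme"] != "sha1+scrypt":
        return False  # bare SHA1 records are not accepted after migration
    candidate = hashlib.scrypt(legacy_sha1(password), salt=rec["salt"], **SCRYPT)
    return hmac.compare_digest(candidate, rec["hash"])  # constant-time compare

def demo():
    # Constructed sample data: one legacy account, one created after the change.
    users = {"alice": {"scheme": "sha1", "hash": legacy_sha1("correct horse")}}
    migrate(users)
    set_password(users, "bob", "battery staple")
    return users

if __name__ == "__main__":
    db = demo()
    print(verify(db, "alice", "correct horse"), verify(db, "bob", "wrong"))
```

After `migrate` runs, no bare SHA1 digest remains in the store, so the old column can be dropped without waiting for users to log in.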