4
edits
WebAppSec/Secure Coding Guidelines: Difference between revisions
WebAppSec/Secure Coding Guidelines (view source)
Revision as of 16:24, 2 October 2011
, 2 October 2011→Old Password Hashes
| Line 86: | Line 86: | ||
==== Old Password Hashes ==== | ==== Old Password Hashes ==== | ||
* Password hashes older than a year should be deleted from the system. | * Password hashes older than a year should be deleted from the system. | ||
* After a password hash migration, old hashes should be removed within 3 months if user has yet to | * After a password hash migration, old hashes should be removed within 3 months if user has yet to log in for the conversion process. | ||
====Migration==== | ====Migration==== | ||