Markus Werner wrote:
Migration steps.
- Move all auth: MD5-PW to a new md5-pw object and reference them.
- At some day it is possible to say that md5-pw are obsolet and deny creation of new objects. So new users get forced to use a other method.
- After time you can force users to update the auth method everytime they need to edit an object.
Nice. But seems too soft, and it takes a long time to migrate... My view: - Implement md5-pw object in database - Autocreate md5-pw objects for all existing md5 passwords - Autochange hashed passwords with md5-pw objects - Include "remark: see http://... for what's happened" in chaned objects Like it was in person/org objects when russian area phone codes was changed. -- WBR, Maxim V. Tulyev (MT6561-RIPE, 2:463/253@FIDO)