Reputation: 120
Migrating existing user details to new authentication system
Recently I have changed my authentication system to devise. I want to migrate my existing user data to this new system. Previous one was using SHA256 hash to save password. As I know this encryption is one way so in that case what will be the best way to migrate users data to new system. Devise support SHA512 encryption as well but not SHA256 as I know.
Upvotes: 3
Views: 352
Answers (2)
Reputation: 13425
When a user enters their password (logs in), you can create a devise account for them automatically. That's probably the easiest way to migrate.
Upvotes: 0
Reputation: 33187
Simply upping the hash size isn't buying much security. Please read up on intreated hashes and salting.
Traditionally, you upgrade a password upon the user changing their password. The type of password is either stored with the password (common format: $type$salt$hashpassword), or in an adjacent column, allowing you detect which algorithm to use.
Whether you force users to change their password is your choice.
Upvotes: 3
Related Questions
- Migrate users from one Rails app to another, both using Devise, while maintaining passwords
- Migrating from Authlogic to Devise
- Migrating from Restful Authentication to Devise
- Migrating passwords to Devise
- Migrate legacy database users to Devise
- Is there a way to migrate devise users from one application to another (still using devise?)
- Migration from restful authentication to devise
- migrating from legacy password to rails devise
- Rails3 Devise authentication Migration
- Migrating existing user model to Devise