Don't rely on mass password migration, since it would take a very long time. Instead, migrate users on demand.
Raise work factor (iteration count) from 10 to 14.
Current flow:
1. Application requests a salt to use as CHAP-style seed
2. If new-style password exists, salt is returned.
3. Else, old password is migrated and the new salt is returned.
4. App finalizes login by checking verify_passwd.
--
With this, batch migrations could still be performed by looping over actor.migrate_passwd(user_id) as a separate process.
Changes pushed. From the commit:
Don't rely on mass password migration, since it would take a very long time. Instead, migrate users on demand.
Raise work factor (iteration count) from 10 to 14.
Current flow:
1. Application requests a salt to use as CHAP-style seed
2. If new-style password exists, salt is returned.
3. Else, old password is migrated and the new salt is returned.
4. App finalizes login by checking verify_passwd.
--
With this, batch migrations could still be performed by looping over actor.migrate_ passwd( user_id) as a separate process.
Simple tests still pass.