From ebe34005a114d27f58b34338b4b458e5d47fcfde Mon Sep 17 00:00:00 2001 From: Matt Wright Date: Mon, 20 Aug 2012 18:25:03 -0400 Subject: [PATCH] Update docs --- docs/features.rst | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/features.rst b/docs/features.rst index aa3b64e..5bdca83 100644 --- a/docs/features.rst +++ b/docs/features.rst @@ -37,11 +37,10 @@ Password Encryption ------------------- Password encryption is enabled with `passlib`_. Passwords are stored in plain -text by default but you can easily configure the encryption algorithm and salt -value in your application configuration. You should **always use an encryption -algorithm** in your production environment. Bcrypt is a popular algorithm as -of writing this documentation. Bear in mind passlib does not assume which -algorithm you will choose and may require additional libraries to be installed. +text by default but you can easily configure the encryption algorithm. You +should **always use an encryption algorithm** in your production environment. +You may also specify to use HMAC with a configured salt value in addition to the +algorithm chosen. Bear in mind passlib does not assume which algorithm you will choose and may require additional libraries to be installed. .. basic-http-auth: