3.1.0 May 07 2013
- Add BCrypt::Password.valid_hash?(str) to check if a string is a valid
bcrypt password hash
- BCrypt::Password cost should be set to DEFAULT_COST if nil
- Add BCrypt::Engine.cost attribute for getting/setting a default cost
externally
3.1.1 Jul 10 2013
- Remove support for Ruby 1.8 in compiled win32 binaries
3.1.2 Aug 26 2013
- Add support for Ruby 1.8 and 2.0 (in addition to 1.9) in compiled Windows
binaries
- Add support for 64-bit Windows
File too long (should be no more than 24 lines).
Line too long (should be no more than 80 characters).
Trailing empty lines.
Trailing white-space.
Trucated the long files as best as possible while preserving the most info
contained in them.
bcrypt() is a sophisticated and secure hash algorithm designed by The
OpenBSD project for hashing passwords. bcrypt-ruby provides a simple,
humane wrapper for safely handling passwords.
= bcrypt-ruby
An easy way to keep your users' passwords secure.
* http://bcrypt-ruby.rubyforge.org/
* http://github.com/codahale/bcrypt-ruby/tree/master
== Why you should use bcrypt
If you store user passwords in the clear, then an attacker who steals
a copy of your database has a giant list of emails and passwords. Some
of your users will only have one password -- for their email account,
for their banking account, for your application. A simple hack could
escalate into massive identity theft.
It's your responsibility as a web developer to make your web
application secure -- blaming your users for not being security
experts is not a professional response to risk.
bcrypt allows you to easily harden your application against these
kinds of attacks.
