Password hash algorithm

Hi,
I’d be interested in knowing what password hash function and associated parameters (hash length, salt, what actual library is called) are used for local login. Looking at the ruby file mentioned earlier didn’t help me. I’m in need of this info for compliance purposes: best practices around GPDR (and in the general realm of systems security, really) require me to document this information.

Edit: found the answer here: Export password hashes in the PHC formatdiscourse/SECURITY.md at master · discourse/discourse · GitHub

3 Likes