comeonin on hex

3.1.0 (21 Jun 2017 02:06)

Password hashing (bcrypt, pbkdf2_sha512) library for Elixir.


CHANGELOG.md

Changelog

3.1.0

  • Changes
    • Now forcing a recompile of C code for Windows users.

3.0.0

  • Enhancements
    • Small changes to NIF code to make it more scheduler-friendly.
    • Improved documentation with respect to Argon2.
  • Changes
    • Now using elixir_make to help compile the C code.

2.6.0

  • Enhancements
    • Improved Windows build to prevent build failure when upgrading Erlang versions.

2.4.0

  • Enhancements
    • Improved Windows build error messages.
  • Changes
    • Changed behavior for incorrect input to Bcrypt.gen_salt.

2.3.0

  • Enhancements
    • Added support for one-time passwords (HOTP, TOTP) for use in two factor authentication.

2.2.0

  • Changes
    • Improved documentation for Windows builds.
    • Updated the required Elixir version to 1.2.

2.1.0

  • Enhancements
    • Added legacy option to Comeonin.Bcrypt.gen_salt so that hashes with the older $2a$ prefix can be more easily generated.
    • To try to solve the load errors after upgrading Erlang / Elixir:
      • Force C code to be recompiled every time deps.compile is called.
      • Added basic upgrade function to the NIF library.
    • To be compatible with the nerves project:
      • Added CROSSCOMPILE option to the Makefile.
      • Stopped the library autoloading on compilation (requires Elixir 1.2.2).

2.0.0 (2015-12-17)

  • Changes
    • Increased the default number of rounds for pbkdf2_sha512 to 100_000.
    • Removed create_hash and create_user functions.
    • Moved the password strength checker and random password generator to a separate package, called NotQwerty123.
      • This means that i18n support has been moved to NotQwerty123.

1.6.0 (2015-11-17)

  • Changes
    • Edited C code and deleted unused functions.

1.5.0 (2015-11-10)

  • Changes
    • Moved gettext support to comeonin_i18n optional dependency.
    • Removed forced compilation of C code in dev and prod environments.

1.4.0 (2015-11-06)

  • Enhancements
    • Added gettext support.
    • Added Japanese translations for messages.

1.3.0 (2015-10-18)

  • Enhancements
    • Improved the efficiency of the common password check for the strong_password function.
    • Added more information to the Mix build errors.
  • Changes
    • Forcing compilation of C code in dev and prod environments.

1.2.0 (2015-09-26)

  • Enhancements
    • Added a common option to the strong_password check. This checks for passwords that are easy to guess, or common.
    • Improved random password generator -- added a check to ensure it is strong and set the minimum length to 8 characters.

1.1.4 (2015-09-25)

  • Bug fix
    • Removed random_bytes function. Now calling :crypto.strong_rand_bytes directly.

1.1.0 (2015-07-28)

  • Changes
    • Divided the strong password check into two parts: minimum length and check for punctuation characters and digits.
    • Removed configutation values for password length for generated passwords and minimum length of passwords for the password check.

1.0.5 (2015-07-14)

  • Bug fix
    • Replaced Mix.Shell.info with IO.binwrite to prevent compile errors with certain character encodings.

1.0.1 (2015-05-31)

  • Enhancements
    • Enabled the create_user function to be used with atoms as keys as well as strings.

1.0.0 (2015-05-20)

  • Changes
    • Renamed signup_user, function to check password strength before hashing the password, to create_user.
  • Enhancements
    • Added create_user function which takes a map, removes the "password" entry and adds a "password_hash" entry.

0.11.0 (2015-05-19)

  • Changes
    • Renamed hashpwsalt/2 to signup_user/1.

0.10.0 (2015-05-14)

  • Changes
    • Removed log_rounds, or rounds, parameter for the function hashpwsalt.
    • Added option to check password (for strength) in the function hashpwsalt (hashpwsalt/2).

0.9.0 (2015-05-08)

  • Enhancements
    • Added random password generator.
    • Added optional check to test if passwords have digits and punctuation characters.
  • Bug fixes
    • Added information about password strength and password policies to the documentation.

0.8.2 (2015-05-02)

  • Bug fixes
    • Updated Windows build and improved error information at compile time.

0.8.0 (2015-04-20)

  • Bug fixes
    • Updated bcrypt to support non-ascii characters in the password (pbkdf2 already supports these characters).

0.7.0 (2015-04-18)

  • Enhancements
    • Use crypto.strong_rand_bytes by default for generating random numbers.

0.6.0 (2015-04-17)

  • Enhancements
    • Updated bcrypt implementation to only call C functions for the most expensive operations.

0.5.0 (2015-04-14)

  • Enhancements
    • Updated bcrypt implementation so that long-running NIFs are cut to a minimum.

0.4.0 (2015-04-05)

  • Enhancements
    • Updated pbkdf2_sha512 to prevent users from calling hashpass without a salt.

0.3.0 (2015-03-04)

  • Enhancements
    • Updated bcrypt to version 1.5.2.

v0.2.4 (2015-02-26)

  • Enhancements
    • Added configuration options for number of log_rounds, or rounds.

v0.2.2 (2015-01-25)

  • Enhancements

    • Improved documentation about the recommended time the functions should take.
    • Increased default number of rounds for pbkdf2_sha512 from 40000 to 60000.
    • Improved implementation of dummy check.
  • Changes

    • Removed the salt_length optional argument from Comeonin.Pbkdf2.hashpwsalt. The only optional argument to this function is now the number of rounds.

v0.2.0 (2015-01-21)

  • Enhancements

    • Added support for pbkdf2_sha512.
    • Added Travis integration.
    • Added timing functions to help developers adjust the complexity of the key derivation functions.
  • Changes

    • Removed the hashing and check functions from the main Comeonin module.

v0.1.1

  • Bug fixes
    • Enable build on OS X.

v0.1.0

  • Bcrypt authentication.

Version History

Version Date
3.1.0 21 Jun 2017 02:06
3.0.2 11 Mar 2017 14:03
3.0.1 31 Dec 2016 02:12
3.0.0 04 Dec 2016 02:12
2.6.0 17 Oct 2016 10:10
2.5.3 15 Sep 2016 07:09
2.5.2 19 Jul 2016 01:07
2.5.1 28 Jun 2016 10:06
2.5.0 21 Jun 2016 03:06
2.4.0 08 Apr 2016 23:04
2.3.1 31 Mar 2016 05:03
2.3.0 26 Mar 2016 04:03
2.2.0 22 Mar 2016 03:03
2.1.1 14 Feb 2016 03:02
2.1.0 26 Jan 2016 04:01
2.0.3 24 Jan 2016 13:01
2.0.2 24 Jan 2016 11:01
2.0.1 08 Jan 2016 13:01
2.0.0 17 Dec 2015 02:12
1.6.0 17 Nov 2015 02:11
1.5.0 10 Nov 2015 08:11
1.4.1 09 Nov 2015 10:11
1.4.0 06 Nov 2015 02:11
1.3.2 05 Nov 2015 04:11
1.3.1 01 Nov 2015 17:11
1.3.0 18 Oct 2015 04:10
1.2.2 29 Sep 2015 02:09
1.2.1 28 Sep 2015 06:09
1.2.0 26 Sep 2015 02:09
1.1.4 25 Sep 2015 05:09
1.1.3 14 Sep 2015 05:09
1.1.2 30 Jul 2015 04:07
1.1.1 30 Jul 2015 03:07
1.1.0 28 Jul 2015 10:07
1.0.5 14 Jul 2015 13:07
1.0.4 13 Jul 2015 12:07
1.0.3 07 Jun 2015 07:06
1.0.2 06 Jun 2015 07:06
1.0.1 31 May 2015 08:05
1.0.0 20 May 2015 06:05
0.11.3 19 May 2015 16:05
0.11.2 19 May 2015 11:05
0.11.1 19 May 2015 10:05
0.11.0 19 May 2015 04:05
0.10.0 14 May 2015 12:05
0.9.0 08 May 2015 08:05
0.8.2 02 May 2015 09:05
0.8.1 26 Apr 2015 08:04
0.8.0 20 Apr 2015 13:04
0.7.0 18 Apr 2015 00:04
0.6.0 17 Apr 2015 12:04
0.5.1 17 Apr 2015 08:04
0.5.0 14 Apr 2015 08:04
0.4.0 05 Apr 2015 07:04
0.3.1 24 Mar 2015 12:03
0.3.0 04 Mar 2015 08:03
0.2.4 27 Feb 2015 01:02
0.2.3 03 Feb 2015 10:02
0.2.2 25 Jan 2015 01:01
0.2.1 23 Jan 2015 01:01
0.2.0 21 Jan 2015 12:01
0.1.1 08 Jan 2015 20:01
0.1.0 03 Jan 2015 09:01