From: Petr Skoda <skodak@moodle.org>
Date: Tue, 17 Nov 2009 16:30:39 +0000 (+0000)
Subject: MDL-18006 MDL-18807 MDL-20853 suggest some longer and better salt
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=5cc1e1eb75ffe252062a127aeb7d6baa6f71e2ac;p=moodle.git

MDL-18006 MDL-18807 MDL-20853 suggest some longer and better salt
---

diff --git a/config-dist.php b/config-dist.php
index 34a7b879d1..7e87ead756 100644
--- a/config-dist.php
+++ b/config-dist.php
@@ -67,7 +67,7 @@ $CFG->dbpersist = false;         // Should database connections be reused?
 // automatically in installer, you have to uncomment and modify value
 // on the next line if you are creating config.php manually.
 //
-// $CFG->passwordsaltmain = 'type_something_random_long_and_unique_here_!/.,#$~^@{}*&';
+// $CFG->passwordsaltmain = 'a_very_long_random_string_of_characters#@6&*1';
 //
 // After changing the main salt you have to copy old value into one
 // of the following settings - this allows migration to the new salt
diff --git a/lang/en_utf8/report_security.php b/lang/en_utf8/report_security.php
index aa72f71bdc..ce0887b88c 100644
--- a/lang/en_utf8/report_security.php
+++ b/lang/en_utf8/report_security.php
@@ -123,7 +123,7 @@ $string['check_passwordsaltmain_name'] = 'Password salt';
 $string['check_passwordsaltmain_warning'] = 'No password salt has been set';
 $string['check_passwordsaltmain_ok'] = 'Password salt is OK';
 $string['check_passwordsaltmain_weak'] = 'Password salt is weak';
-$string['check_passwordsaltmain_details'] = '<p>It is strongly recommended that a password salt is set as it greatly reduces the risk of password theft.<br />To set a password salt add the following to your config.php file.</p><code>\$CFG->passwordsaltmain = \'arandomstringofcharacters\';</code><p>The random string of characters should be a mix of letters, numbers and other characters.</p>';
+$string['check_passwordsaltmain_details'] = '<p>It is strongly recommended that a password salt is set as it greatly reduces the risk of password theft.<br />To set a password salt add the following to your config.php file.</p><code>\$CFG->passwordsaltmain = \'a_very_long_random_string_of_characters#@6&*1\';</code><p>The random string of characters should be a mix of letters, numbers and other characters.</p>';
 
 $string['check_riskadmin_detailsok'] = '<p>Please verify the following list of system administrators:</p>$a';
 $string['check_riskadmin_detailswarning'] = '<p>Please verify the following list of system administrators:</p>$a->admins