diff options
author | Angie Byron <webchick@24967.no-reply.drupal.org> | 2009-08-08 20:52:33 +0000 |
---|---|---|
committer | Angie Byron <webchick@24967.no-reply.drupal.org> | 2009-08-08 20:52:33 +0000 |
commit | 1da6ef52c44fd38785391d3a94af8e969344bc12 (patch) | |
tree | 074f1da5dae5e9d1877e601b097cf7e3dc7a957f /CHANGELOG.txt | |
parent | 78e3681cde7f4115b7f65cc3ebb0a2e61a27595a (diff) | |
download | brdo-1da6ef52c44fd38785391d3a94af8e969344bc12.tar.gz brdo-1da6ef52c44fd38785391d3a94af8e969344bc12.tar.bz2 |
#485974 by pwolanin, Damien Tournoud, mr.baileys: Improved security by limiting the number of allowed login attempts.
Diffstat (limited to 'CHANGELOG.txt')
-rw-r--r-- | CHANGELOG.txt | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 344d9e8a5..9d3d8075c 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -13,10 +13,11 @@ Drupal 7.0, xxxx-xx-xx (development version) This offers increased scalability and data integrity. - Security: * Protected cron.php -- cron will only run if the proper key is provided. - * Implemented much stronger password hashes that are also compatible with the - Portable PHP password hashing framework. - * Implemented a pluggable password hashing API supporting alternative - hashing and authentication schemes. + * Implemented a pluggable password system and much stronger password hashes + that are compatible with the Portable PHP password hashing framework. + * Rate limited login attempts to prevent brute-force password guessing, and + improved the flood control API to allow variable time windows and + identifiers for limiting user access to resources. - Usability: * Improved installer requirements check. * Improved support for integration of WYSIWYG editors. |