diff --git a/django/contrib/auth/hashers.py b/django/contrib/auth/hashers.py index f561897d9bb4..8cfda79da536 100644 --- a/django/contrib/auth/hashers.py +++ b/django/contrib/auth/hashers.py @@ -98,8 +98,7 @@ async def acheck_password(password, encoded, setter=None, preferred="default"): def make_password(password, salt=None, hasher="default"): - """ - Turn a plain-text password into a hash for database storage + """Turn a plaintext password into a hash for database storage. Same as encode() but generate a new random salt. If password is None then return a concatenation of UNUSABLE_PASSWORD_PREFIX and a random string, diff --git a/docs/topics/auth/passwords.txt b/docs/topics/auth/passwords.txt index 37627ee3b676..fa5b0094a92e 100644 --- a/docs/topics/auth/passwords.txt +++ b/docs/topics/auth/passwords.txt @@ -488,10 +488,10 @@ from the ``User`` model. *Asynchronous version*: ``acheck_password()`` - If you'd like to manually authenticate a user by comparing a plain-text + If you'd like to manually authenticate a user by comparing a plaintext password to the hashed password in the database, use the convenience function :func:`check_password`. It takes two mandatory arguments: the - plain-text password to check, and the full value of a user's ``password`` + plaintext password to check, and the full value of a user's ``password`` field in the database to check against. It returns ``True`` if they match, ``False`` otherwise. Optionally, you can pass a callable ``setter`` that takes the password and will be called when you need to regenerate it. You @@ -502,7 +502,7 @@ from the ``User`` model. .. function:: make_password(password, salt=None, hasher='default') Creates a hashed password in the format used by this application. It takes - one mandatory argument: the password in plain-text (string or bytes). + one mandatory argument: the plaintext password (string or bytes). Optionally, you can provide a salt and a hashing algorithm to use, if you don't want to use the defaults (first entry of ``PASSWORD_HASHERS`` setting). See :ref:`auth-included-hashers` for the algorithm name of each