Merge pull request #3325 from FlorianLB/supported_algorithms

weaverryan · weaverryan · commit 18ea83cc19fc · 2013-12-26T07:59:11.000-08:00
[WIP] [security] adding a tip about supported algorithm for 'hash' function
diff --git a/book/security.rst b/book/security.rst
@@ -1358,6 +1358,11 @@ the password is simply run through the ``sha1`` algorithm one time and without
 any extra encoding. You can now calculate the hashed password either programmatically
 (e.g. ``hash('sha1', 'ryanpass')``) or via some online tool like `functions-online.com`_
 
+.. tip::
+
+    Supported algorithms for this method depend on your PHP version.
+    A full list is available calling the PHP function :phpfunction:`hash_algos`.
+
 If you're creating your users dynamically (and storing them in a database),
 you can use even tougher hashing algorithms and then rely on an actual password
 encoder object to help you encode passwords. For example, suppose your User
