I'm new to Rails and am currently working through the tutorial at railstutorial.... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		beseku on May 23, 2011 \| parent \| context \| favorite \| on: Rails 3.1: Release candidate I'm new to Rails and am currently working through the tutorial at railstutorial.org. I'm a PHP/CodeIgniter dev so a lot of the features are new but many concepts are familiar. Browsing the linked GitHub code on the OP's link relating to the new secure_password stuff - does this make the authentication code used in the above tutorial obsolete - the commented example on GitHub indicated included BCrypt based password storage/authentication method ... ?

mhartl on May 23, 2011 [–]

The SHA2 digest approach in the Rails Tutorial book is still the standard in many applications and authentication plugins, and is fine for most applications. The basic techniques you'll learn in the current 3.0 version are still useful. That said, I am working on a new version of the book that uses bcrypt.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact