Rails has_secure_password change cost coefficient BCrypt (aka work factor)

Question

When using the has_secure password in rails, how can I change the default cost factor used by BCrypt when creating a password digest?

I would like to do this because the default cost factor used - 10 - is apparently a bit lower ( this post recommends setting it to at least 12).

+4

Peter Berg Jan 21 '14 at 17:38

1 answer

Peter Berg · Accepted Answer · 2014-01-21T17:38:16+0000

This can be accomplished by placing the following code in the configuration file (e.g. production.rb, development.rb, test.rb, application.rb, etc.)

require 'bcrypt'
BCrypt::Engine::DEFAULT_COST = 12

, , , . .

$2a$12$k50jCqk8Bijj.wYxg69QBOg.t4VNMj/VmSkPCfeWWoOW

12 , $