From: Robert Kaiser <kairo@kairo.at>
Date: Wed, 26 Oct 2016 23:49:06 +0000 (+0200)
Subject: actually use the on-disk site-specific nonce to 'pepper' passwords before hashing... 
X-Git-Url: https://git-public.kairo.at/?p=authserver.git;a=commitdiff_plain;h=087085d618e57aea5f292a5bb57d46304574cc6a;hp=087085d618e57aea5f292a5bb57d46304574cc6a

actually use the on-disk site-specific nonce to 'pepper' passwords before hashing so that stealing the database won't even reveal weak passwords
---