Summary

Remove legacy password hashers from PASSWORD_HASHERS.

Review Request #14835 — Created Feb. 19, 2026 and submitted Feb. 26, 2026, 11:34 a.m.

Information

Owner

david

Repository

Review Board

Branch

master

Bugs

Depends On

Reviewers

Groups

reviewboard

People

Description

We've had a bunch of outdated password hashers listed in the hashers
config for compatibility with old databases, but many of those insecure
hashers have finally been removed from the Django code. This change gets
rid of them.

Testing Done

Ran unit tests.

Commits

Summary	ID
Remove legacy password hashers from PASSWORD_HASHERS. We've had a bunch of outdated password hashers listed in the hashers config for compatibility with old databases, but many of those insecure hashers have finally been removed from the Django code. This change gets rid of them. Testing Done: Ran unit tests.	xwsnxzwrssnnppzytluosklwttyqrvmx

Issues

Description	From	Last Updated
Looks like this one is still available in Django 5.2 (source)	maubin	Feb. 25, 2026, 8:13 a.m.

flake8 passed.

JSHint passed.

reviewboard/settings.py (Diff revision 1)

The issue has been dropped. Show all issues

Looks like this one is still available in Django 5.2 (source)

david Feb. 25, 2026, 8:13 a.m.

I think they've left it in for unit testing purposes, but it really should not be in our hashers for actual passwords.

Ship it!

```
Ship It!
```

Status:: Completed
Change Summary:: Pushed to master (02cdf3c)