

Rails 3.1 will secure passwords out of the box - jagira
https://github.com/rails/rails/blob/master/activemodel/lib/active_model/secure_password.rb

======
jagira
Thank you Gawker for bringing password security issue back into limelight.

~~~
svlla
agree. it's too bad that Django, out-of-the-box, is still using SHA1+salt.
it'd be nice to see it switch to bcrypt or something similar.

