devised moved the encryptable module to a different gem. However, they state that Bcrypt already uses a salt by default. I'm a bit confused. Without adding :encryptable to my models, are they salted?
Asked
Active
Viewed 1,032 times
2
CamelCamelCamel
- 5,200
- 8
- 61
- 93
1 Answers
4
:encryptable is used for encryption methods other than the default. The default encryption method bcrypt is salted. It is an interface which Devise can use so that you can also define other encryption methods.
See How can bcrypt have built-in salts? for details of the salt and how it is stored.
