From 0870aeb02e1564e8e45079b01675e85b8aa11d83 Mon Sep 17 00:00:00 2001
From: Joe <joe@warhaggis.com>
Date: Wed, 25 Mar 2015 01:25:16 +0000
Subject: [PATCH] Add readme on creating a password

Since @rjacksonm1 decided to make passwords secure, let's tell users how to make a secure password.
---
 README.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/README.md b/README.md
index 4db089c..cfb6583 100644
--- a/README.md
+++ b/README.md
@@ -124,6 +124,16 @@ server {
 }
 ````
 
+Making a secure password
+----------------------
+Passwords can be stored in `username.ini` (where "username" is the user's username) in either plaintext, encryption algorithms supported by php `hash` or bcrypt (recommended). To generate a bcrypt encrypted password:
+````
+$ php -a
+> echo password_hash('desiredpassword', PASSWORD_BCRYPT);
+````
+This will produce a hash which is to be placed in the `password` field in `username.ini`. Ensure that the `encryption` field is set to `bcrypt`.
+
+
 Both Online or Offline
 ----------------------
 In addition by using the built-in editor in the admin panel, you can also write markdown files offline and then upload them (see naming convention below) into the `content/username/blog` folder (the `username` must match `YourUsername.ini` above).