Backported the example.conf change from r7bb90e1922b7

1 files changed, 9 insertions, 2 deletions

diff --git a/data/example.conf b/data/example.conf
index 609358ee6..81caf978e 100644
--- a/data/example.conf
+++ b/data/example.conf
@@ -260,6 +260,13 @@ options
 	 * NOTE: enc_old is Anope's previous (broken) MD5 implementation, if your databases
 	 * were made using that module, continue to use it and do not use enc_md5.
 	 *
+	 * NOTE: enc_sha1 relies on how the OS stores 2+ byte data internally, and is
+	 * potentially broken when moving between 2 different OSes, such as moving from
+	 * Linux to Windows. It is recommended that you use enc_sha256 instead if you want
+	 * to use an SHA-based encryption. If you choose to do so, it is also recommended
+	 * that you first try to get everyone's passwords converted to enc_sha256 before
+	 * switching OSes by placing enc_sha256 at the beginning of the list.
+	 *
 	 * Supported:
 	 *  - enc_none (plain text, no encryption)
 	 *  - enc_old (old, broken MD5 encryption)
@@ -267,8 +274,8 @@ options
 	 *  - enc_sha1 (SHA1 encryption)
 	 *  - enc_sha256 (SHA256 encryption with random salts)
 	 *
-	 * The first module in this list is the active encryption module. All new passwords are 
-	 * encrypted by this module. Old passwords stored in another encryption method are 
+	 * The first module in this list is the active encryption module. All new passwords are
+	 * encrypted by this module. Old passwords stored in another encryption method are
 	 * automatically re-encrypted by the active encryption module on next identify.
 	 * Changing the order of the modules requires the services to restart.
 	 */