minor documentation updates - typo in changes, better listing of ident values for bcrypt

3 files changed, 16 insertions, 12 deletions

diff --git a/CHANGES b/CHANGES
index b249400..af48dad 100644
--- a/CHANGES
+++ b/CHANGES
@@ -14,9 +14,9 @@ Overview
 
     Welcome to Passlib 1.6.
 
-    The main goals of this release were to clean up the codebase, tighten input 
+    The main goal of this release was to clean up the codebase, tighten input 
     validation, and simplify the publically exposed interfaces. This release also 
-    brings with it a number of other improvements: 10 or so new hash algorithms, 
+    brings a number of other improvements: 10 or so new hash algorithms, 
     additional security precautions for the existing algorithms, 
     a number of speed improvements, and updated documentation.
 
@@ -139,7 +139,7 @@ Existing Hashes
 
     :doc:`ldap_salted_{digest} </lib/passlib.hash.ldap_std>`
         The LDAP salted digests now support salts of any size
-        from 4-16 bytes, though they still default to 8 (:issue:`30`).
+        from 4-16 bytes, though they still default to 4 (:issue:`30`).
 
     :doc:`md5_crypt </lib/passlib.hash.md5_crypt>`, :doc:`sha256_crypt </lib/passlib.hash.md5_crypt>`, :doc:`sha512_crypt </lib/passlib.hash.md5_crypt>`
         The builtin implementation of these hashes has been
diff --git a/docs/lib/passlib.hash.bcrypt.rst b/docs/lib/passlib.hash.bcrypt.rst
index a44a121..1c7fa49 100644
--- a/docs/lib/passlib.hash.bcrypt.rst
+++ b/docs/lib/passlib.hash.bcrypt.rst
@@ -125,16 +125,16 @@ This implementation of bcrypt differs from others in a few ways:
   (This behavior will eventually be deprecated and such hashes
   will throw a :exc:`ValueError` instead).
 
-* the crypt_blowfish bug, and the 2x/2y hashes
+* The *crypt_blowfish* 8-bit bug
 
   .. _crypt-blowfish-bug:
 
   Pre-1.1 versions of the `crypt_blowfish <http://www.openwall.com/crypt/>`_
   bcrypt implementation suffered from a serious flaw [#eight]_
   in how they handled 8-bit passwords. The manner in which the flaw was fixed resulted
-  in two new bcrypt hash identifiers:
+  in *crypt_blowfish* adding support for two new BCrypt hash identifiers:
 
-  ``$2x$``, allowing sysadmins to mark ``$2a$`` hashes which potentially were
+  ``$2x$``, allowing sysadmins to mark any ``$2a$`` hashes which were potentially
   generated with the buggy algorithm. Passlib 1.6 recognizes, but does not
   currently support generating or verifying these hashes.
 
diff --git a/passlib/handlers/bcrypt.py b/passlib/handlers/bcrypt.py
index 66e4743..3f95d16 100644
--- a/passlib/handlers/bcrypt.py
+++ b/passlib/handlers/bcrypt.py
@@ -78,10 +78,14 @@ class bcrypt(uh.HasManyIdents, uh.HasRounds, uh.HasSalt, uh.HasManyBackends, uh.
 
     :type ident: str
     :param ident:
-        selects specific version of BCrypt hash that will be used.
-        Typically you want to leave this alone, and let it default to ``2a``,
-        but it can be set to ``2`` to use the older (and less secure)
-        version of the BCrypt algorithm.
+        Specifies which version of the BCrypt algorithm will be used when creating a new hash. 
+        Typically this option is not needed, as the default (``"2a"``) is usually the correct choice.
+        If specified, it must be one of the following: 
+           
+        * ``"2"`` - the first revision of BCrypt, which suffers from a minor security flaw and is generally not used anymore.
+        * ``"2a"`` - latest revision of the official BCrypt algorithm, and the current default.
+        * ``"2y"`` - format specific to the *crypt_blowfish* BCrypt implementation,
+          identical to ``"2a"`` in all but name.
 
     :type relaxed: bool
     :param relaxed:
@@ -94,8 +98,8 @@ class bcrypt(uh.HasManyIdents, uh.HasRounds, uh.HasSalt, uh.HasManyBackends, uh.
         .. versionadded:: 1.6
 
     .. versionchanged:: 1.6
-        This class now supports ``2y`` hashes, and recognizes
-        (but does not support) the broken ``2x`` hashes.
+        This class now supports ``"2y"`` hashes, and recognizes
+        (but does not support) the broken ``"2x"`` hashes.
         (see the :ref:`crypt_blowfish bug <crypt-blowfish-bug>`
         for details).
     """