[wp-trac] [WordPress Trac] #17830: The extension mechanisms related to hashing and storing passwords could be improved
WordPress Trac
wp-trac at lists.automattic.com
Sat Jun 18 09:39:20 UTC 2011
#17830: The extension mechanisms related to hashing and storing passwords could be
improved
-------------------------+----------------------
Reporter: monperrus | Owner:
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: General | Version:
Severity: normal | Resolution: invalid
Keywords: |
-------------------------+----------------------
Comment (by monperrus):
Replying to [comment:2 nacin]:
> The entire authentication system is pluggable.
Indeed it is. I am just saying that overriding wp_new_user_notification to
intercept newly created passwords and adding add_action('profile_update',
'action_profile_update' ); to intercept updated passwords is a hack that
could be avoided.
> WP.org and WP.com run a patched mod_auth_mysql which supports phpass:
http://barry.wordpress.com/2008/05/19/mod_auth_mysql-and-phpass/. (The
patch was rejected upstream.)
Thanks for the link.
--Martin
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17830#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list