[wp-trac] [WordPress Trac] #21022: Allow bcrypt to be enabled via filter for pass hashing
    WordPress Trac 
    noreply at wordpress.org
       
    Thu Nov  8 14:15:09 UTC 2012
    
    
  
#21022: Allow bcrypt to be enabled via filter for pass hashing
------------------------------+------------------------------
 Reporter:  th23              |       Owner:
     Type:  enhancement       |      Status:  new
 Priority:  normal            |   Milestone:  Awaiting Review
Component:  Security          |     Version:  3.4
 Severity:  normal            |  Resolution:
 Keywords:  2nd-opinion punt  |
------------------------------+------------------------------
Comment (by westi):
 Replying to [comment:24 rmccue]:
 > duck_ and I discussed this on IRC, especially with regard to the current
 cost factor of 8 in PHPass. On my local box, hashing 1k passwords takes
 ~2s, giving ~2ms per password. This should probably be bumped up slightly.
 The upcoming [https://wiki.php.net/rfc/password_hash password hashing API]
 in PHP 5.5 uses [https://github.com/php/php-
 src/blob/master/ext/standard/php_password.h#L33 10] as the cost, and we
 might want to switch to using that too. There's a
 [https://github.com/ircmaxell/password_compat compatibility library].
 >
 > Note that the compat library requires PHP 5.3.7+, since "PHP prior to
 5.3.7 contains a security issue with its BCRYPT implementation"; duck_
 noted [http://www.openwall.com/lists/announce/2011/06/21/1 the relevant
 crypt_blowfish update] and [http://www.openwall.com/lists/oss-
 security/2011/06/20/2 the bug description]:
 >
 >   The majority of hashes (but not all of them) for passwords containing
 characters with the 8th bit set are incompatible with OpenBSD's (really
 nasty, but no security impact here).
 >
 >   What's worse, approximately 3 in 16 passwords containing a single
 character with the 8th bit set have 1 to 3 characters immediately
 preceding the 8-bit character ignored.  With more than one character with
 the 8th bit set, things may be even worse.
 >
 >   Thus, those passwords may be much easier to crack than expected.
 >
 > i.e. With non-ASCII characters, there are severe security issues.
 >
 > Due to the above bug, I don't think we should be switching to bcrypt on
 by default until we require PHP 5.3.7+, which is not for a while. I'm
 going to recommend punting for now, but I'd like a second opinion before I
 do.
 >
 > ----
 >
 > Replying to [comment:8 jammycakes]:
 > > People often underestimate the seriousness of MD5 and the SHA-*
 algorithms being "less secure." They aren't just less secure: thanks to
 developments in password cracking in the past few years using GPU- and
 FPGA- based software, they are '''totally useless.''' Programs such as
 oclHashCat even have an option specifically to crack passwords in
 WordPress databases -- and the rate at which they can do so is terrifying.
 If you're not making a strong password hashing algorithm the default, out
 of the box option, you're exposing your users to unacceptable and
 unnecessary risk.
 >
 > If that's the case, I think we should increase the cost factor ASAP
 (which is backwards compatible, since it's stored in the salt IIRC).
 >
 > Replying to [comment:23 harrym]:
 > > Wow. I'm surprised it's that low.
 >
 > Check http://wordpress.org/about/stats/ for slightly more detail.
 I think it would be nice to see if we can modify WP's behaviour to use
 bcrypt where we can soon, but probably not for 3.5.
 We should probably target this investigation for 3.6-early with a view to
 backporting into the 3.5 branch as well.
 For now I think that pluggable function replacement is better plugin
 implementation than a filter for enabling bcrypt on sites where it is safe
 to do so.
-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/21022#comment:25>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
    
    
More information about the wp-trac
mailing list