[wp-trac] [WordPress Trac] #21022: Use bcrypt for password hashing; updating old hashes
WordPress Trac
noreply at wordpress.org
Sun Dec 11 22:58:00 UTC 2022
#21022: Use bcrypt for password hashing; updating old hashes
-------------------------------------------------+-------------------------
Reporter: th23 | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Future
| Release
Component: Security | Version: 3.4
Severity: major | Resolution:
Keywords: 2nd-opinion has-patch needs-testing | Focuses:
dev-feedback |
-------------------------------------------------+-------------------------
Comment (by bgermann):
The argon2 suggestion has a problem: It is optional in PHP compilation.
I suggest not using it when compatibility was a concern for a decade.
WordPress always took the stance not to bother people with environment
issues and depending on a specific PHP compile-time configuration flag is
completely against that notion.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:132>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list