[wp-trac] [WordPress Trac] #21022: Use bcrypt for password hashing; updating old hashes

Thu Apr 3 14:43:43 UTC 2025

#21022: Use bcrypt for password hashing; updating old hashes
----------------------------------------------+--------------------------
 Reporter:  th23                              |       Owner:  johnbillion
     Type:  enhancement                       |      Status:  reopened
 Priority:  normal                            |   Milestone:  6.8
Component:  Security                          |     Version:  3.4
 Severity:  normal                            |  Resolution:
 Keywords:  has-dev-note commit dev-reviewed  |     Focuses:
----------------------------------------------+--------------------------
Changes (by desrosj):

 * keywords:  has-dev-note dev-feedback => has-dev-note commit dev-reviewed

Comment:

 Thanks, @johnbillion. [60124] looks good to backport.

 I do think we explore ways to make hosts more aware of the fact that
 building PHP with Argon2 support is recommended. The
 [https://make.wordpress.org/hosting/handbook/server-environment/ Server
 Environment page] in the Hosting Handbook is likely a good starting point.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:260>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform