[wp-trac] [WordPress Trac] #44628: Repair DB rehashes password to md5

[WordPress Trac]

#44628: Repair DB rehashes password to md5
-------------------------------------+--------------------------
 Reporter:  yani.iliev               |       Owner:  johnbillion
     Type:  defect (bug)             |      Status:  closed
 Priority:  normal                   |   Milestone:  6.8
Component:  Upgrade/Install          |     Version:
 Severity:  normal                   |  Resolution:  fixed
 Keywords:  has-patch needs-testing  |     Focuses:
-------------------------------------+--------------------------
Changes (by johnbillion):

 * status:  accepted => closed
 * resolution:   => fixed


Comment:

 In [changeset:"59828" 59828]:
 {{{
 #!CommitTicketReference repository="" revision="59828"
 Security: Switch to using bcrypt for hashing user passwords and BLAKE2b
 for hashing application passwords and security keys.

 Passwords and security keys that were saved in prior versions of WordPress
 will continue to work. Each user's password will be opportunistically
 rehashed and resaved when they next subsequently log in using a valid
 password.

 The following new functions have been introduced:

 * `wp_password_needs_rehash()`
 * `wp_fast_hash()`
 * `wp_verify_fast_hash()`

 The following new filters have been introduced:

 * `password_needs_rehash`
 * `wp_hash_password_algorithm`
 * `wp_hash_password_options`

 Props ayeshrajans, bgermann, dd32, deadduck169, desrosj, haozi, harrym,
 iandunn, jammycakes, joehoyle, johnbillion, mbijon, mojorob, mslavco,
 my1xt, nacin, otto42, paragoninitiativeenterprises, paulkevan, rmccue,
 ryanhellyer, scribu, swalkinshaw, synchro, th23, timothyblynjacobs,
 tomdxw, westi, xknown.

 Additional thanks go to the Roots team, Soatok, Calvin Alkan, and Raphael
 Ahrens.

 Fixes #21022, #44628
 }}}

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/44628#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform