[wp-trac] [WordPress Trac] #21022: Use bcrypt for password hashing; updating old hashes
WordPress Trac
noreply at wordpress.org
Sat Feb 22 00:36:58 UTC 2025
#21022: Use bcrypt for password hashing; updating old hashes
-------------------------------------------------+-------------------------
Reporter: th23 | Owner: johnbillion
Type: enhancement | Status: reopened
Priority: normal | Milestone: 6.8
Component: Security | Version: 3.4
Severity: normal | Resolution:
Keywords: has-patch needs-testing has-unit-tests has-dev-note | Focuses:
-------------------------------------------------+-------------------------
Comment (by paragoninitiativeenterprises):
Replying to [comment:232 johnbillion]:
> 2. If we can safely decrease the length of the `wp_fast_hash()` hash
> without reducing its security then I am in favour. I am happy to defer to
> @paragoninitiativeenterprises on this.
Let's use a tweak of the function I sketched out above:
{{{#!php
function wp_fast_hash(
	#[\SensitiveParameter]
	string $message,
	int $length = 24
): string {
	// Unkeyed BLAKE2b with a caller-chosen output length (24..64 bytes accepted by libsodium).
	$hashed = sodium_crypto_generichash( $message, '', $length );
	return '$generic$' . sodium_bin2base64( $hashed, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING );
}
}}}
The character limit is 64 for a string that consists of `time() . ':' .
wp_fast_hash( $key )`, per @dd32 above.
If we quickly evaluate the possible values for `$length`, we observe that
any number between 24 (recommended minimum) and 33 (larger than the
libsodium default) fits the 64 character limit, when unpadded base64url
encoding is used.
https://3v4l.org/gP6lT
Thus, the final recommended version of this function is as such:
{{{#!php
function wp_fast_hash(
	#[\SensitiveParameter]
	string $message
): string {
	// sodium_crypto_generichash() rejects a non-empty key shorter than
	// SODIUM_CRYPTO_GENERICHASH_KEYBYTES_MIN (16 bytes), so the 12-byte
	// domain-separation label is zero-padded up to that minimum.
	$key    = str_pad( 'wp_fast_hash', SODIUM_CRYPTO_GENERICHASH_KEYBYTES_MIN, "\0" );
	// Default output length (32 bytes); keyed BLAKE2b gives domain separation.
	$hashed = sodium_crypto_generichash( $message, $key );
	return '$generic$' . sodium_bin2base64( $hashed, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING );
}
}}}
That is to say, leaving the default length but setting the key to
`"wp_fast_hash"` to ensure domain-separation from other code that might
use BLAKE2b.
Therefore, our recommendation is to not shorten the hashes.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:239>
WordPress Trac <https://core.trac.wordpress.org/>
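A worked check of the two points discussed in this comment, the 64-character storage budget and domain separation by key, added here as an example and not code from the ticket or from WordPress. Python's hashlib.blake2b in keyed mode computes the same digest as libsodium's sodium_crypto_generichash() for the same message, key and output length, so it can mirror the proposed `$generic$` format offline; the zero-padded 16-byte key (libsodium's minimum key size), the verifier function and the probe values are assumptions of this example.

```python
import base64
import hashlib
import hmac

PREFIX = "$generic$"
# Assumed domain-separation key for this example: libsodium accepts a generichash
# key only if it is empty or 16..64 bytes, so the 12-byte label is zero-padded.
KEY = b"wp_fast_hash".ljust(16, b"\0")
STORAGE_LIMIT = 64  # chars available for  time() . ':' . wp_fast_hash( $key )


def wp_fast_hash(message: bytes, length: int = 32, key: bytes = KEY) -> str:
    """Mirror of the proposed PHP wp_fast_hash(): keyed BLAKE2b, base64url, no padding."""
    digest = hashlib.blake2b(message, digest_size=length, key=key).digest()
    return PREFIX + base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def wp_verify_fast_hash(message: bytes, stored: str) -> bool:
    """Constant-time check of a stored value; anything not in our format fails closed."""
    if not stored.startswith(PREFIX):
        return False
    raw = stored[len(PREFIX):]
    try:
        # Unpadded base64url: restore '=' padding so the decoder accepts it.
        digest = base64.urlsafe_b64decode(raw + "=" * (-len(raw) % 4))
    except ValueError:
        return False
    if not 16 <= len(digest) <= 64:  # libsodium's generichash output range
        return False
    expected = hashlib.blake2b(message, digest_size=len(digest), key=KEY).digest()
    return hmac.compare_digest(expected, digest)


def stored_length(length: int, when: int = 9_999_999_999) -> int:
    """Length of time() . ':' . wp_fast_hash($key) for a given digest length (bytes).

    `when` defaults to the largest 10-digit Unix timestamp so the check is
    conservative for every timestamp WordPress will ever store."""
    return len(f"{when}:") + len(wp_fast_hash(b"probe", length))


def lengths_that_fit(limit: int = STORAGE_LIMIT) -> list[int]:
    """Digest lengths (bytes) whose stored form fits within `limit` characters."""
    return [n for n in range(16, 65) if stored_length(n) <= limit]
```

`lengths_that_fit()` reproduces the comment's arithmetic: 33 bytes is the largest output that still fits, and the 32-byte default needs 63 of the 64 characters.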