[wp-trac] Re: [WordPress Trac] #2394: Passwords are stored in an
insecure un-salted form
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 28 15:23:25 GMT 2007
#2394: Passwords are stored in an insecure un-salted form
-----------------------+----------------------------------------------------
Reporter: sjmurdoch | Owner: pishmishy
Type: defect | Status: assigned
Priority: normal | Milestone: 2.4 (future)
Component: Security | Version: 2.0
Severity: normal | Resolution:
Keywords: has-patch |
-----------------------+----------------------------------------------------
Comment (by Otto42):
Replying to [comment:10 pishmishy]:
> This issue should have it's own ticket.
It was a suggestion, not an issue. It doesn't need it's own ticket. I was
just commented. Chill.
> WordPress doesn't only uses md5() hashes in password management.
As far as I can tell, yes, actually, it does. It uses md5 hashes in the
database and double md5 hashes as cookies. Where does it use anything
else?
--
Ticket URL: <http://trac.wordpress.org/ticket/2394#comment:11>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list