[wp-trac] [WordPress Trac] #21022: Allow bcrypt to be enabled via filter for pass hashing
WordPress Trac
noreply at wordpress.org
Tue Nov 21 15:47:41 UTC 2017
#21022: Allow bcrypt to be enabled via filter for pass hashing
-------------------------------------------------+-------------------------
Reporter: th23 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future
Component: Security | Release
Severity: normal | Version: 3.4
Keywords: 2nd-opinion has-patch needs-testing | Resolution:
5.0-early | Focuses:
-------------------------------------------------+-------------------------
Comment (by ryanhellyer):
I've been following this thread for five years. My original comment
stands. Once support for for PHP 5.2 is dropped, the password hashing
system should change.
I think this debate is better held in a ticket specific to the PHP version
number, as I don't see how this ticket can progress without the minimum
version number being increased. Once the minimum version number is
increased, implementing a better hashing algorithm seems like an obvious
and much needed upgrade. In the mean time, we just have to tolerate
reduced security.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:96>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list