[wp-trac] [WordPress Trac] #21022: Allow bcrypt to be enabled via filter for pass hashing
WordPress Trac
noreply at wordpress.org
Fri Oct 20 12:51:40 UTC 2017
#21022: Allow bcrypt to be enabled via filter for pass hashing
-------------------------------------------------+-------------------------
Reporter: th23 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future
Component: Security | Release
Severity: normal | Version: 3.4
Keywords: 2nd-opinion has-patch needs-testing | Resolution:
4.9-early | Focuses:
-------------------------------------------------+-------------------------
Comment (by tomdxw):
MITRE have assigned the identifier CVE-2012-6707 to refer to the use of a
weak MD5-based hash to store passwords in WordPress.
By the way there's a patch which I think should satisfy all the concerns
raised in this ticket:
https://core.trac.wordpress.org/ticket/21022#comment:80
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:91>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list