[wp-hackers] Password Handling Improvements - Trac Ticket #2870
stevelle at gmail.com
Tue Sep 25 22:30:35 GMT 2007
On 9/25/07, Callum Macdonald <lists.automattic.com at callum-macdonald.com> wrote:
> I'd also be in favour of storing the passwords differently, adding a
> unique salt value with each user and storing the md5 of the password
> plus the salt. That would protect user accounts from rainbow attacks.
> Anyone else think it's worth the effort?
Better, allow the salt to be overridden in wp-config.php for those of
us who choose to.
More information about the wp-hackers