[wp-trac] Re: [WordPress Trac] #2394: Passwords are stored in an insecure un-salted form

WordPress Trac wp-trac at lists.automattic.com
Thu Jun 28 14:09:20 GMT 2007


#2394: Passwords are stored in an insecure un-salted form
-----------------------+----------------------------------------------------
 Reporter:  sjmurdoch  |        Owner:  pishmishy   
     Type:  defect     |       Status:  assigned    
 Priority:  normal     |    Milestone:  2.4 (future)
Component:  Security   |      Version:  2.0         
 Severity:  normal     |   Resolution:              
 Keywords:  has-patch  |  
-----------------------+----------------------------------------------------
Changes (by pishmishy):

  * keywords:  => has-patch

Comment:

 Attached is a patch file that adds salted passwords to WordPress whilst
 retaining support for the current plain MD5 scheme. I've not used the
 crypt() scheme but done simple salting without any additional functions
 apart from one to generate salt. As suggested I've used the length of the
 stored password to determine if new salted passwords, or non-salted
 passwords are being used for this account.

 I've chosen to use a short, random alphanumeric string as the salt but
 there's no reason why password_salt() can't be replaced with something
 else. A friend suggested that the salt could be overloaded to store other
 information such as the date the password was last changed but I'm not
 sure this is worth the slight drop in security it would bring.

 This is my largest patch to date and the changes affect authentication,
 cookies, account changes and password recovery. I've done some simple
 testing of everything (apart from the changes to user_pass_ok()), both
 with old and new style password forms and everything appears to work as it
 should - probably worth further testing though :-)

-- 
Ticket URL: <http://trac.wordpress.org/ticket/2394#comment:8>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
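The dual-scheme check the comment describes (a random alphanumeric salt, with the stored length deciding whether a record is legacy unsalted MD5 or salted), modelled as an added Python example. This is not the attached patch or WordPress code; the record layout (8 salt characters followed by the 32-character hex digest), the 40-versus-32 length rule and the function names other than password_salt() are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
import string

# Assumed layout for this illustration (not necessarily the patch's layout):
#   legacy record = md5(password) hex, 32 chars
#   salted record = 8 alphanumeric salt chars + md5(salt + password) hex, 40 chars
SALT_LEN = 8
MD5_HEX_LEN = 32
ALPHANUM = string.ascii_letters + string.digits


def password_salt(length: int = SALT_LEN) -> str:
    """Short random alphanumeric salt, as the comment describes."""
    return "".join(secrets.choice(ALPHANUM) for _ in range(length))


def hash_legacy(password: str) -> str:
    """Unsalted MD5 record of the older scheme (hypothetical helper name)."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_salted(password: str, salt: str = "") -> str:
    """Salted record: salt prefix followed by md5(salt + password)."""
    salt = salt or password_salt()
    digest = hashlib.md5((salt + password).encode()).hexdigest()
    return salt + digest


def is_salted(stored: str) -> bool:
    """The stored length tells the two schemes apart, as the comment suggests."""
    return len(stored) == SALT_LEN + MD5_HEX_LEN


def check_password(password: str, stored: str) -> bool:
    """Verify against either scheme; constant-time compare avoids timing leaks."""
    if is_salted(stored):
        candidate = hash_salted(password, stored[:SALT_LEN])
    elif len(stored) == MD5_HEX_LEN:
        candidate = hash_legacy(password)
    else:
        return False  # neither layout: reject rather than guess
    return hmac.compare_digest(candidate, stored)


def check_and_upgrade(password: str, stored: str):
    """On a successful legacy login, return a fresh salted record to write back."""
    ok = check_password(password, stored)
    if ok and not is_salted(stored):
        return True, hash_salted(password)
    return ok, stored
```

The upgrade-on-login step is what lets the legacy rows disappear over time without forcing every user to reset; MD5 itself remains a fast hash, so salting here defeats shared rainbow tables but not per-hash brute force.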

