[wp-trac] Re: [WordPress Trac] #2394: Passwords are stored in an insecure un-salted form
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 28 14:09:20 GMT 2007
#2394: Passwords are stored in an insecure un-salted form
-----------------------+----------------------------------------------------
 Reporter:  sjmurdoch  |       Owner:  pishmishy
     Type:  defect     |      Status:  assigned
 Priority:  normal     |   Milestone:  2.4 (future)
Component:  Security   |     Version:  2.0
 Severity:  normal     |  Resolution:
 Keywords:  has-patch  |
-----------------------+----------------------------------------------------
Changes (by pishmishy):
* keywords: => has-patch
Comment:
Attached is a patch file that adds salted passwords to WordPress whilst
retaining support for the current plain MD5 scheme. I've not used the
crypt() scheme but done simple salting without any additional functions
apart from one to generate salt. As suggested I've used the length of the
stored password to determine whether new salted passwords or non-salted
passwords are being used for this account.
I've chosen to use a short, random alphanumeric string as the salt but
there's no reason why password_salt() can't be replaced with something
else. A friend suggested that the salt could be overloaded to store other
information such as the date the password was last changed but I'm not
sure this is worth the slight drop in security it would bring.
This is my largest patch to date and the changes affect authentication,
cookies, account changes and password recovery. I've done some simple
testing of everything (apart from the changes to user_pass_ok()), both
with old and new style password forms and everything appears to work as it
should - probably worth further testing though :-)
--
Ticket URL: <http://trac.wordpress.org/ticket/2394#comment:8>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software