[wp-trac] Re: [WordPress Trac] #5383: security notification
WordPress Trac
wp-trac at lists.automattic.com
Fri Nov 23 22:57:51 GMT 2007
#5383: security notification
-------------------------+--------------------------------------------------
Reporter: chuckpeters | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.5
Component: General | Version:
Severity: critical | Resolution:
Keywords: |
-------------------------+--------------------------------------------------
Comment (by santosj):
Solutions already exist or can exist with a plugin. However, such a plugin
has not yet been referenced on WP-Hackers. Travis has stated that he
developed a system for his web site that uses sessions to correct this
problem.
However, since the solution calls for either using PHP Sessions, PHPass,
and/or salting passwords, I don't think it is trival and could cause
problems. I can't think of an solution that doesn't involve resetting
everyone's password once the change is implemented.
--
Ticket URL: <http://trac.wordpress.org/ticket/5383#comment:3>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list