[wp-trac] Re: [WordPress Trac] #6754: Improve default wp_salt()
WordPress Trac
wp-trac at lists.automattic.com
Tue May 12 13:17:26 GMT 2009
#6754: Improve default wp_salt()
--------------------------+-------------------------------------------------
Reporter: filosofo | Owner: ryan
Type: defect (bug) | Status: new
Priority: low | Milestone: 2.9
Component: Security | Version:
Severity: minor | Keywords: SECRET_KEY wp_salt security
--------------------------+-------------------------------------------------
Changes (by aviewanew):
* cc: aviewanew (added)
Comment:
I'm not ''that'' familiar with wordpress internals, but if you added the
filetime to the hashes, wouldn't it screw you later if you edit wp-config?
If you migrate to a new server, or change you db password, or just "touch"
it, the time will get updated, and any submitted password won't hash to
the same value...
--
Ticket URL: <http://core.trac.wordpress.org/ticket/6754#comment:7>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list