[wp-trac] [WordPress Trac] #21420: Login without salted MD5 Password
WordPress Trac
wp-trac at lists.automattic.com
Mon Jul 30 14:46:28 UTC 2012
#21420: Login without salted MD5 Password
--------------------------+-----------------------
Reporter: shubhamoy | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone:
Component: General | Version: 3.4.1
Severity: normal | Resolution:
Keywords: close |
--------------------------+-----------------------
Comment (by shubhamoy):
@Nacin
If only the salted MD5 hashes are utilized then the attacker wouldn't be
able to enter the admin panel. So the attack wouldn't cause much damage.
And backup can be made compulsory on regular intervals to mitigate the
situations where a user forgets his/her password.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21420#comment:8>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list