[wp-trac] [WordPress Trac] #24367: Admin login with correct password fails
WordPress Trac
noreply at wordpress.org
Mon May 27 03:13:11 UTC 2013
#24367: Admin login with correct password fails
----------------------------+--------------------
Reporter: sergej.mueller | Owner:
Type: defect (bug) | Status: new
Priority: high | Milestone: 3.6
Component: Administration | Version: trunk
Severity: blocker | Resolution:
Keywords: has-patch |
----------------------------+--------------------
Comment (by nacin):
Yeah, we need to go back to storing a hash of the slashed password. Yes,
this is stupid, and we ought to fix it, but right now let's handle the
bug.
In 3.7, we can once again approach slashing with a scalpel, and actually
offer a rolling upgrade to take slashed-password hashes and turn them into
unslashed hashes (similar to what is done for md5 hashes). (I'm pretty
sure authentication cookies are in a similar predicament.)
I'm fine with [attachment:24367.3.patch]. ryan?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24367#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list