[wp-trac] [WordPress Trac] #21022: Allow bcrypt to be enabled via filter for pass hashing
WordPress Trac
noreply at wordpress.org
Wed Oct 7 18:09:25 UTC 2015
#21022: Allow bcrypt to be enabled via filter for pass hashing
-----------------------------------+------------------------------
Reporter: th23 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 3.4
Severity: normal | Resolution:
Keywords: 2nd-opinion has-patch | Focuses:
-----------------------------------+------------------------------
Comment (by knutsp):
I think mojorob has a valid point here. The really big sites will or
should know what they are doing, and I can't imagine them suddenly
downgrading to PHP 5.3 without knowing what they will be facing in this
case.
You can already do much more bad/unwise things already, with hooks,
filters, dropins and pluggables.
I'm all for responsible thinking when adding hooks, like not inviting to
do hazardous and harmful things, but this is meant to enable enhanced
security, not?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:56>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list