[wp-trac] [WordPress Trac] #21022: Allow bcrypt to be enabled via filter for pass hashing
WordPress Trac
noreply at wordpress.org
Sat Jan 2 01:44:31 UTC 2016
#21022: Allow bcrypt to be enabled via filter for pass hashing
---------------------------------------------+-----------------------------
Reporter: th23 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting
Component: Security | Review
Severity: normal | Version: 3.4
Keywords: 2nd-opinion has-patch 4.5-early | Resolution:
| Focuses:
---------------------------------------------+-----------------------------
Comment (by Otto42):
I agree that this is a UX thing, and giving solid reasoning and
information to the user about why is important.
If the password-hash is detectable (via length or header), then this is
possible. 3 months ago, we didn't have PHP 7 getting adopted, or 4.4 with
increased length password fields. This seems doable now, but maybe making
the password hash mechanism more generic and pluggable is the way forward?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:69>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list