[wp-trac] [WordPress Trac] #50027: Retire Phpass and use PHP native password hashing
WordPress Trac
noreply at wordpress.org
Wed Apr 29 15:45:21 UTC 2020
#50027: Retire Phpass and use PHP native password hashing
-------------------------------------------------+-------------------------
Reporter: ayeshrajans | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Resolution:
Keywords: 2nd-opinion needs-unit-tests needs-patch | Focuses:
-------------------------------------------------+-------------------------
Comment (by Otto42):
Replying to [comment:5 ayeshrajans]:
> Thanks a lot for the in-depth comment @Otto42, very helpful.
>
> In that plugin, one of the use cases was to make it possible for
> WordPress and a custom site to share login, so having raw passwords go
> through `password_hash` helped to keep things cleaner, so it became a
> design choice to ignore the 72 char limit.
>
> I see the points raised about bcrypt's 72 byte limitation, and while
> they are valid and can solve the very problem of "unlimited" length
> passwords, I would like to propose that we do not pre-hash passwords.
Hashes are the same regardless of where they are run. Truncating passwords
at 72 doesn't make them any more portable.
`hash( 'sha384', $string )` returns the same on any system for the same
$string.
Truncating passwords to 72 bytes reduces security for no reason.
Also consider that we profess to support multibyte character sets, and
72/4 = 18, and 18 characters is certainly not long enough for what I would
consider to be a secure password, even if it is in non-latin characters.
> If we pick to pre-hash passwords, let's go with base64-encoded sha2. Hash
> length shouldn't matter a lot because we will truncate it to 72 either
> way.
The "sha2" is not a method I know. The PHP hash function supports many
things, and I'm suggesting we use "sha384". SHA384 produces 48 bytes,
which is 64 in base64, which fits into our 72 limit.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50027#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
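As an added worked example (not code from the ticket, the plugin mentioned, or WordPress core), the following PHP script demonstrates the two facts the comment above relies on: PHP's bcrypt (`PASSWORD_BCRYPT`) ignores everything past byte 72, so two passwords that differ only after that point verify against the same hash, and base64 of a raw SHA-384 digest is exactly 64 printable bytes, so a pre-hashed password always fits under the limit. The helper names `prehash()` and `collides()` and the sample passwords are constructed for this illustration.

```php
<?php
// Added example, not code from the ticket or from WordPress core. It shows the
// two facts the comment relies on: bcrypt (PASSWORD_BCRYPT) ignores everything
// past byte 72, and base64(SHA-384) is exactly 64 printable bytes, so a
// pre-hashed password always fits under that limit. Runs on PHP >= 7.0.
declare(strict_types=1);

// The pre-hash proposed in the thread: raw (binary) SHA-384 is 48 bytes, which
// base64 turns into 64 ASCII characters with no padding. Passing `true` as the
// third argument matters: the default hex output is 96 characters and would
// itself be truncated by bcrypt.
function prehash(string $password): string
{
    return base64_encode(hash('sha384', $password, true));
}

// Returns true if two distinct passwords verify against the same bcrypt hash.
// Used below to demonstrate the 72-byte truncation.
function collides(string $a, string $b): bool
{
    $hash = password_hash($a, PASSWORD_BCRYPT, ['cost' => 4]); // lowest cost: demo only
    return $a !== $b && password_verify($b, $hash);
}

// Constructed inputs: both passwords share their first 72 bytes and differ only after.
$shared = str_repeat('a', 72);
$pw1    = $shared . 'correct-tail';
$pw2    = $shared . 'WRONG-tail';

// 1. Plain bcrypt: the tails are never seen, so the wrong password verifies.
if (!collides($pw1, $pw2)) {
    throw new RuntimeException('expected bcrypt to truncate at 72 bytes');
}
echo "bcrypt alone: passwords differing only after byte 72 verify as equal\n";

// 2. Pre-hashed: the whole password feeds SHA-384, so the digests (and thus the
//    bcrypt inputs) differ, and the wrong password is rejected.
if (collides(prehash($pw1), prehash($pw2))) {
    throw new RuntimeException('pre-hashed inputs should not collide');
}
echo "base64(sha384) pre-hash: the tails are distinguished\n";

// 3. Length check from the comment: 48 bytes -> 64 base64 characters, always < 72,
//    regardless of how long or how multibyte the original password is.
foreach (['', 'short', str_repeat('é', 500)] as $sample) {
    if (strlen(prehash($sample)) !== 64) {
        throw new RuntimeException('pre-hash length is not 64');
    }
}
echo "pre-hash is always 64 bytes (hex sha384 would be "
    . strlen(hash('sha384', 'x')) . " and get truncated)\n";
```

Two practical notes on this construction: `hash('sha384', ...)` is deterministic on every platform, which is the portability point made above, and the base64 output is pure printable ASCII, so the string handed to bcrypt can never contain a NUL byte that the underlying C implementation would treat as end of input. The intermediate digest must only ever be fed into `password_hash`/`password_verify`, never stored or logged on its own, since it is an unsalted fast hash of the password.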