[wp-trac] [WordPress Trac] #21022: Use bcrypt for password hashing; updating old hashes
WordPress Trac
noreply at wordpress.org
Sun Dec 11 20:05:11 UTC 2022
#21022: Use bcrypt for password hashing; updating old hashes
-------------------------------------------------+-------------------------
Reporter: th23 | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Future
| Release
Component: Security | Version: 3.4
Severity: major | Resolution:
Keywords: 2nd-opinion has-patch needs-testing | Focuses:
dev-feedback |
-------------------------------------------------+-------------------------
Comment (by my1xt):
@stgoos fullly agree over here, although considering we are 7.4 already
and in fact PHP7 as a whole is EOL by now, so the next version might as
well be PHP8+ why not just skip bcrypt and go all-out with argon2id?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:129>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list