[wp-trac] [WordPress Trac] #21022: Use bcrypt for password hashing; updating old hashes

WordPress Trac noreply at wordpress.org
Mon Dec 12 14:19:48 UTC 2022


#21022: Use bcrypt for password hashing; updating old hashes
-------------------------------------------------+-------------------------
 Reporter:  th23                                 |       Owner:  (none)
     Type:  enhancement                          |      Status:  new
 Priority:  normal                               |   Milestone:  Future
                                                 |  Release
Component:  Security                             |     Version:  3.4
 Severity:  major                                |  Resolution:
 Keywords:  2nd-opinion has-patch needs-testing  |     Focuses:
  dev-feedback                                   |
-------------------------------------------------+-------------------------

Comment (by ryanhellyer):

 areReplying to [comment:140 bgermann]:
 > ... which still says: "Note: If you are in a legacy environment where
 you only have older PHP or MySQL versions, WordPress also works with PHP
 5.6.20+ and MySQL 5.0+, but these versions have reached official End Of
 Life and as such may expose your site to security vulnerabilities."

 To me, the "minimum required" is the minimum recommended. Not the minimum
 that technically still allows to function. I'm not sure how others
 interpret that.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/21022#comment:141>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list