Uploaded image for project: 'phpBB'
  1. phpBB
  2. PHPBB-11610

Use a more secure hashing method like bcrypt

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major Major
    • 3.1.0-b1
    • 3.1.0-dev
    • Authentication
    • None

      phpBB has been using the phpass implementation of a salted md5 for password hashes since the beginnings of phpBB 3.0. With the minimum requirement of PHP 5.3.3 for phpBB 3.1 we can and should however move to more secure hashing methods like bcrypt.

      RFC topic: http://area51.phpbb.com/phpBB/viewtopic.php?f=108&t=33231

            naderman Nils Adermann
            Marc Marc
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: