/ Register

Welcome to Centmin Mod Community
Become a Member

Wordpress Stronger WordPress Password Hashing with bcrypt

Discussion in 'Blogs & CMS usage' started by eva2000, Apr 5, 2016.

Tags:
Previous Thread Next Thread
Loading...
  1. Apr 5, 2016 #1
    eva2000

    eva2000 Administrator Staff Member

    54,936
    12,240
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,812
    Local Time:
    9:48 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Interesting article over at WPMU Dev discussing stronger wordpress password hashing with bcrypt Making Your WordPress Password Hashing Stronger with bcrypt - WPMU DEV
    Would Centmin Mod users like to see Wordpress auto installer routine use the more secure bcrypt method via auto installed WP bcrypt plugin ?
     
  2. Apr 5, 2016 #2
    pamamolf

    pamamolf Premium Member Premium Member

    4,087
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    1:48 PM
    Nginx-1.25.x
    MariaDB 10.3.x
    Yes it is a must :)
     
  3. Apr 13, 2016 #3
    AKIN SENOL

    AKIN SENOL Member

    36
    3
    8
    Oct 17, 2014
    London
    Ratings:
    +8
    Local Time:
    11:48 AM
    1.9.12
    10.1.12
    It would be very nice and secure @eva2000
     
  4. Sep 26, 2017 #4
    rc112

    rc112 Member

    126
    14
    18
    Sep 22, 2017
    Ratings:
    +15
    Local Time:
    7:48 PM
    Hi Is there any update or plan on more secure bcrypt method? Very interested. Thanks.
     
  5. Sep 26, 2017 #5
    eva2000

    eva2000 Administrator Staff Member

    54,936
    12,240
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,812
    Local Time:
    9:48 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    haven't revisited this topic in ages. Not sure if Wordpress changed their default hashing method by default yet ? If they haven't there's a few plugins that offer this too https://wordpress.org/plugins/search/bcrypt/

    the one mentioned in above article looks interesting but it's manual install (which i could automate) https://roots.io/plugins/bcrypt-password/ though last time it was updated was Feb 2016 https://github.com/roots/wp-password-bcrypt/blob/master/wp-password-bcrypt.php though whether it needed updating is another question https://github.com/roots/wp-password-bcrypt/issues/10.
     
    Last edited: Sep 26, 2017
  6. Sep 27, 2017 #6
    rc112

    rc112 Member

    126
    14
    18
    Sep 22, 2017
    Ratings:
    +15
    Local Time:
    7:48 PM
    yes, thanks for pointing out the issues. Maybe 2 way authentication would help! Thanks.
     
Previous Thread Next Thread
Loading...

.