Want more timely Centmin Mod News Updates?
Become a Member

Wordpress Stronger WordPress Password Hashing with bcrypt

Discussion in 'Blogs & CMS usage' started by eva2000, Apr 5, 2016.

  1. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    5:23 PM
    Nginx 1.13.x
    MariaDB 5.5
    Interesting article over at WPMU Dev discussing stronger wordpress password hashing with bcrypt Making Your WordPress Password Hashing Stronger with bcrypt - WPMU DEV
    Would Centmin Mod users like to see Wordpress auto installer routine use the more secure bcrypt method via auto installed WP bcrypt plugin ?
     
    • Like Like x 1
    • Winner Winner x 1
  2. pamamolf

    pamamolf Well-Known Member

    2,721
    242
    63
    May 31, 2014
    Ratings:
    +433
    Local Time:
    10:23 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    Yes it is a must :)
     
  3. AKIN SENOL

    AKIN SENOL Member

    36
    3
    8
    Oct 17, 2014
    London
    Ratings:
    +8
    Local Time:
    8:23 AM
    1.9.12
    10.1.12
    It would be very nice and secure @eva2000
     
  4. rc112

    rc112 New Member

    22
    2
    3
    Sep 22, 2017
    Ratings:
    +2
    Local Time:
    3:23 PM
    Hi Is there any update or plan on more secure bcrypt method? Very interested. Thanks.
     
  5. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    5:23 PM
    Nginx 1.13.x
    MariaDB 5.5
    haven't revisited this topic in ages. Not sure if Wordpress changed their default hashing method by default yet ? If they haven't there's a few plugins that offer this too https://wordpress.org/plugins/search/bcrypt/

    the one mentioned in above article looks interesting but it's manual install (which i could automate) https://roots.io/plugins/bcrypt-password/ though last time it was updated was Feb 2016 https://github.com/roots/wp-password-bcrypt/blob/master/wp-password-bcrypt.php though whether it needed updating is another question https://github.com/roots/wp-password-bcrypt/issues/10.
     
    Last edited: Sep 26, 2017
  6. rc112

    rc112 New Member

    22
    2
    3
    Sep 22, 2017
    Ratings:
    +2
    Local Time:
    3:23 PM
    yes, thanks for pointing out the issues. Maybe 2 way authentication would help! Thanks.