[#2785] - [3.3] Implementing bcrypt for password hashing into Joomla as default method
- Closed
- 3 Mar 2014
- Medium
- Build: staging
- # 2785
- Diff
- Hackwar:bcrypt
- Success The Travis CI build passed Details
User tests: Successful: Unsuccessful:
This PR changes the Joomla password hashing infrastructure to using the password_hash() method and thus bcrypt for hashing the password.
I tested this code with PHPass passwords, bcrypt passwords and MD5 passwords with and without salt. All passwords are correctly changed to bcrypt and login is working. You also get an error when you use the wrong password.
Whomever commits this, please remember to merge to 3.3-dev and not staging.
| Title |
|
||||||
| Labels |
Added:
?
?
?
|
||||||
Closing as merged into 3.3-dev branch
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2014-03-03 07:32:05 |
so this is going into 3.3 release ???
so this is going into 3.3 release ???
Answer:
Closing as merged into 3.3-dev branch
Yes, it's already merged into the 3.3 branch. So if nobody detects a problem with it, it will be in the 3.3 release.
Here is the tracker item: http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=33115&start=0