Import external bcrypt plugin for password hashing #217
Commits on Feb 21, 2024
-
Import external bcrypt plugin for password hashing
It was noted in <#216> that our project template defaults to WordPress default hashing method for password, which is still in 2024 weak MD5. There has for a long time existed mu-plugin, which can be used to replace password hashing with bcrypt. This plugin hooks to WordPress core password handling functions, and overrides password checks so all obsolete MD5-hashed passwords will be converted to bcrypt (or whatever is in future the PHP default password hashing function). See source code for more documentation. Source: <https://raw.githubusercontent.com/roots/wp-password-bcrypt/master/wp-password-bcrypt.php> Original commit: <15f0d8919fb3731f79a0cf2fb47e1baecb86cb26> License: MIT Author: Roots Author URI: <https://roots.io> Closes: #216
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.