New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deprecate legacy password encryptors #10947

Closed

GuySartorelli opened this issue Sep 19, 2023 · 0 comments

Labels

affects/v5 impact/low type/enhancement

Milestone

Silverstripe CMS 5.2

Member

GuySartorelli commented Sep 19, 2023 •

edited

Loading

The following subclasses of PasswordEncryptor should be deprecated, to be removed in CMS 6:

PasswordEncryptor_None - we shouldn't ever offer the option to not encrypt passwords.
PasswordEncryptor_LegacyPHPHash - as per the phpdoc for this class, it "had a design flaw in password hashing"
PasswordEncryptor_MySQLOldPassword - Removed in MySQL 5.7.5 (see MySQL docs)
PasswordEncryptor_MySQLPassword - Deprecated in MySQL 5.7 and removed in MySQL 8.0 (see MySQL docs)

PRs

The text was updated successfully, but these errors were encountered:

GuySartorelli mentioned this issue

ENH Deprecate old password encryptors #10948

Merged

GuySartorelli added type/enhancement impact/low affects/v5 labels

GuySartorelli changed the title ~~Deprecate legacy password encryption options~~ Deprecate legacy password encryptors

GuySartorelli mentioned this issue

DOC Document deprecation of old password encryptors silverstripe/developer-docs#348

Merged

GuySartorelli added this to the Silverstripe CMS 5.2 milestone

emteknetnz closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment