Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Improve secret q/a by using a more modern hashing method. #4993
Fixes #3117 by using hash_password. We do not convert old answers as we have no way to verify them. We accept both md5 and hash_password_verify. Due to the varying lengths of the two methods, we don't need to try and figure out the length first. This doesn't attempt to convert the secret question upon successful answers.