Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security] Automatically upgrade password storage on login #957

Closed
jstanden opened this issue Jun 15, 2019 · 1 comment
Closed

[Security] Automatically upgrade password storage on login #957

jstanden opened this issue Jun 15, 2019 · 1 comment
Projects
Milestone

Comments

@jstanden
Copy link
Owner

@jstanden jstanden commented Jun 15, 2019

No description provided.

@jstanden jstanden created this issue from a note in Roadmap Notes (To do) Jun 15, 2019
@jstanden jstanden added this to the 9.4 milestone Jun 15, 2019
@jstanden jstanden removed this from To do in Roadmap Notes Jun 15, 2019
@jstanden jstanden added this to To do in 9.4 via automation Jun 15, 2019
@jstanden jstanden moved this from To do to In progress in 9.4 Oct 26, 2019
@jstanden

This comment has been minimized.

Copy link
Owner Author

@jstanden jstanden commented Oct 28, 2019

Implemented in 9.4

@jstanden jstanden closed this Oct 28, 2019
9.4 automation moved this from In progress to Done Oct 28, 2019
jstanden added a commit that referenced this issue Dec 10, 2019
…Previously, this used a custom method (legacy salted SHA1/MD5). Now this uses PHP's newer `password_hash()` feature, which will automatically improve over time to use stronger algorithms at higher computational costs. When necessary, worker passwords will be rehashed on the next successful login.

Implements #957
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
9.4
  
Done
1 participant
You can’t perform that action at this time.