Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MD5 should not be used for passwords #31

Closed
nickvellios opened this issue Jan 15, 2018 · 4 comments
Closed

MD5 should not be used for passwords #31

nickvellios opened this issue Jan 15, 2018 · 4 comments
Labels
enhancement Feature suggestion

Comments

@nickvellios
Copy link

MD5 is not encryption and is about as secure as just storing passwords as plaintext. Please use password_hash().
@Tha14
Copy link

Tha14 commented Sep 5, 2018

I second this, using md5 was probably the worst idea...

@prasathmani
Copy link
Owner

MD5 has been removed. 7c9ecf5

@alecos71
Copy link
Contributor

Now the user and pass are in clear text, without any hash checking... use instead password_verify and password_hash...

prasathmani pushed a commit that referenced this issue Oct 16, 2018
Fix : Added Password_hash() #31
2331ce3
@prasathmani
Copy link
Owner

@alecos71 - password_hash() has been implemented. thanks for your suggestion.

ner00 pushed a commit to ner00/tinyfilemanager that referenced this issue May 7, 2023
Fix : Added Password_hash() prasathmani#31
45a4431
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Feature suggestion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nickvellios @Tha14 @alecos71 @prasathmani