Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-28214

Password hash silently defaults to MD5

    XMLWordPrintable

    Details

      Description

      Both new stack and legacy default to MD5 if the hash type is not recognised, with no warning.

      We should throw an exception here, or (legacy) default to PASSWORD_HASH_PHP_DEFAULT aka. bcrypt and log an error.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                gunnstein.lye@ez.no Gunnstein Lye
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 4 days, 5 hours, 45 minutes
                  4d 5h 45m