Change password encryption algorithm

Question

Opened this issue 8 years ago · 4 comments

Switch from SHA-1 to something better.
Maybe bcrypt or something like that?

Don't think that this is high priority, but should be done.

EDIT: Elkarte is using sha256.

Answer 1 · 2017-03-15T20:45:23.000Z

Did Elk switch to sha256 recently..?

Answer 2 · 2017-03-16T08:20:06.000Z

They switched to sha256 in January 2014.
elkarte/Elkarte@076fc85

Answer 3 · 2017-04-14T20:05:38.000Z

So... Should it be password_hash, at this point? I think I've seen that mentioned in passing...

Answer 4 · 2017-05-21T00:33:00.000Z

PR with password_hash: #68