Make WordPress Core

Changes between Version 1 and Version 2 of Ticket #21022, comment 137


Ignore:
Timestamp:
12/12/2022 02:13:53 PM (18 months ago)
Author:
ryanhellyer
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #21022, comment 137

    v1 v2  
    44There could be a separate plugin and WP CLI tool which could auto-convert the passwords in bulk too. I think there wouldn't be a problem with server overload from the conversion process, but if there was, then we could even implement a system to allow admins to batch convert them all before they upgraded WordPress (leaving the original password hashes in place until core was upgraded).
    55
    6 EDIT: I forgot about the comment above regarding Argon2 being optional during compilation. But isn't a default feature anyway, so someone would need to actively compile with specific settings in order for this not to work right? That doesn't seem like  a problem to me. Doesn't WordPress already fail in some ways if PHP is compiled with different settings? (I can't think of any examples off the top of my head, but I'd have assumed such situations would exist)
     6EDIT: I forgot about the comment above regarding Argon2 being optional during compilation. But isn't a default feature anyway, so someone would need to actively compile with specific settings in order for this not to work right? That doesn't seem like  a problem to me. Doesn't WordPress already fail in some ways if PHP is compiled with different settings? (I can't think of any examples off the top of my head, but I'd have assumed such situations would exist) In rare situations where this did crop up, an error could be shown in the admin and the older (current) system could be used instead. If the site was migrated from an Argon2 encrypted site, then users would need to run a password reset in order to regain access.