|Reported by:||nacin||Owned by:||nacin|
The $user_pass_md5 global stores an md5 hash of the user_pass hash, which makes no sense. It has roots in b2 (see [8/trunk/b2-include/b2functions.php]) and for all I know, b2 used to store plain text passwords and this actually was the md5 at one point. No plugin is using it unless they copy-pasted from setup_userdata(). Time for it to go.