WordPress.org

Make WordPress Core

Opened 8 years ago

Closed 8 years ago

#25536 closed feature request (invalid)

Salt + Password for HASH generation

Reported by: transferindo.com Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.6.1
Component: Security Keywords:
Focuses: Cc:

Description

Hello,

I would request that one of the SALT configured in WP-CONFIG be used with user's password to generate the HASH that stored in the DATABASE.

Regards,

Renato

Change History (1)

#1 @bpetty
8 years ago

  • Keywords needs-patch dev-feedback removed
  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Severity changed from major to normal
  • Status changed from new to closed

WordPress already uses per-password-salts through the use of phpass. Using any of the random keys in wp-config would actually be less secure.

Note: See TracTickets for help on using tickets.