Changes between Initial Version and Version 1 of Ticket #881, comment 22
- Timestamp:
- 10/21/2015 08:50:20 PM (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #881, comment 22
initial v1 2 2 3 3 * when storing the password, create an md5 of the password, truncating it to 20 characters. This should still provide significant entropy for a simple password (see [https://gist.github.com/adamsilverstein/68a75983f38df4ef3b4c this gist]) and has to be more secure than storing plaintext passwords 4 * on the login side, I added a new hashed password cookie, retaining backwards compatibility with plaintext passwords already stored in the database4 * on the login side, add a new hashed password cookie, retaining backwards compatibility with plaintext passwords already stored in the database 5 5 * remove the `maxlength` limit from the password entry field (note: the quick edit edition of this field _never_ had this limit, and entering a long password there currently fails) 6 6 * no longer display password in the post publish meta box. it was a bad idea to begin with and since we are hashing the password, we can't display it, thats why its secure.