Re: crypt() BC issue

From:	Andrea Faulds	Date:	Wed, 16 Jul 2014 01:12:34 +0000
Subject:	Re: crypt() BC issue
References:	1	Groups:	php.internals
Request:	Send a blank email to internals+get-75571@lists.php.net to get a copy of this message

On 16 Jul 2014, at 01:46, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:

> - Developer may use larger rounds and store updated hash when
>   user is authenticated with old PHP.
> - Developer may ask users to reset password if password hash has
>   to fewer rounds than 1000 (i.e. outdated hash) with new PHP.

Wait, doesn’t that mean you’re unable to verify passwords now?
--
Andrea Faulds
http://ajf.me/






   

Thread (32 messages)

• Yasuo OhgakiWed, 16 Jul 2014 00:46:54 +0000
  • Andrea FauldsWed, 16 Jul 2014 01:12:34 +0000
    • Yasuo OhgakiWed, 16 Jul 2014 01:45:24 +0000
      • Andrea FauldsWed, 16 Jul 2014 01:47:45 +0000
        • Yasuo OhgakiWed, 16 Jul 2014 01:54:47 +0000
  • Sara GolemonWed, 16 Jul 2014 23:53:07 +0000
    • Yasuo OhgakiThu, 17 Jul 2014 01:06:40 +0000
      • Tjerk MeestersThu, 17 Jul 2014 02:09:12 +0000
        • Yasuo OhgakiThu, 17 Jul 2014 02:25:06 +0000
          • Tjerk MeestersThu, 17 Jul 2014 06:16:38 +0000
            • Yasuo OhgakiThu, 17 Jul 2014 10:31:53 +0000
            • Adam HarveyThu, 17 Jul 2014 17:50:29 +0000
              • Anthony FerraraThu, 17 Jul 2014 19:38:23 +0000
                • Yasuo OhgakiThu, 17 Jul 2014 21:12:14 +0000
                  • Anthony FerraraThu, 17 Jul 2014 21:56:52 +0000
                    • Yasuo OhgakiSat, 19 Jul 2014 01:59:24 +0000
                      • Anthony FerraraSat, 19 Jul 2014 15:27:40 +0000
                        • Yasuo OhgakiSun, 20 Jul 2014 00:33:53 +0000
                          • Yasuo OhgakiMon, 21 Jul 2014 00:04:34 +0000
                            • David MuirMon, 21 Jul 2014 05:53:34 +0000
                              • Yasuo OhgakiMon, 21 Jul 2014 06:17:01 +0000
                                • Yasuo OhgakiMon, 21 Jul 2014 09:44:59 +0000
                                  • Anthony FerraraMon, 21 Jul 2014 14:32:10 +0000
                                    • Yasuo OhgakiTue, 22 Jul 2014 03:00:23 +0000
                                      • Pierre JoyeTue, 22 Jul 2014 03:12:38 +0000
                                    • Yasuo OhgakiTue, 22 Jul 2014 07:49:37 +0000
                                      • Anthony FerraraTue, 22 Jul 2014 14:27:25 +0000
                                        • Yasuo OhgakiWed, 23 Jul 2014 01:57:42 +0000
  • Yasuo OhgakiSat, 19 Jul 2014 02:15:01 +0000Re: crypt() BC issue
    • Nikita PopovSat, 19 Jul 2014 05:46:22 +0000Re: Re: crypt() BC issue
      • Yasuo OhgakiSat, 19 Jul 2014 08:44:14 +0000
        • Andrey AndreevSat, 19 Jul 2014 11:50:25 +0000