Plugin / PHP Native password hash
Ayesh Karunaratne
Changelog
Changelog
1.0
- Initial release.
1.1
- Fixed a bug for PHP 5.5 users whose PHP core lacks the time-safe hash_equals function, resulting in a fatal error. This version introduces a polyfill to add that functionality for PHP 5.5 users. Users with newer PHP versions will use PHP-provided hash_equals() function.
1.2
- This plugin now requires WordPress minimum version 3.9.2 the least, and uses the hash_equals() function polyfill provided by WordPress core.
1.4
- Skipped 1.3 version because a WIP Argon2i support conflicted with the bug fix (#2). Argon2i support will be added in a future release.
- Fixes an error with password validation when the PasswordHash class from WordPress core is not loaded. See https://github.com/Ayesh/wordpress-password-hash/pull/2
1.5
- Fix a security issue with the password verification when updating from a password_hash()-compatible hashing algorithm to another. Thanks to Steve Thomas (Sc00bz on Github).
2.0
This is a major rewrite of the plugin. This version still requires PHP 5.5, but WordPress 5.2+ now requires PHP version 5.6 to function, and this is enforced at plugin level as well.
Core functionality of the plugin is extracted to a separate class. This plugin aims to be as light-weight as possible, and this version cuts the main plugin file size to less than half the v1.x size.
There is a new namespaced PasswordHash class that is more cleaner and well-structured compared to our v1 code base.
- Fixes a bug that the hook-provided hash cost changes did not trigger a password rehash. Thanks to Steve Thomas (Sc00bz on Github).
- Adds support for Argon2I, Argon2ID and any future hashing algorithms PHP will introduce. See the updated FAQ item on how to use the new hashing algorithms.
- Removed a helper function used to trigger an admin warning if the plugin cannot properly work. The notices are now shown with help of lambda functions (which further reduces the code bloat and load).
2.1
- Adds support for “WP_PASSWORD_HASH_OPTIONS” configuration option that can be set in
wp-config.phpto configure password hashing options.
Get Started With Free Trial
Explore the offer details: Discover it now
Ratings
Rating breakdown
Details Information
Version
First Released
Total Downloads
Wordpress Version
Tested up to:
Require PHP Version:
Tags
Contributors
Languages
The plugin hasn't been transalated in any language other than English.
DIRECTORY DISCLAIMER
The information provided in this THEME/PLUGIN DIRECTORY is made available for information purposes only, and intended to serve as a resource to enable visitors to select a relevant theme or plugin. wpSocket gives no warranty of any kind, express or implied with regard to the information, including without limitation any warranty that the particular theme or plugin that you select is qualified on your situation.
The information in the individual theme or plugin displayed in the Directory is provided by the owners and contributors themselves. wpSocket gives no warranty as to the accuracy of the information and will not be liable to you for any loss or damage suffered by you as a consequence of your reliance on the information.
Links to respective sites are offered to assist in accessing additional information. The links may be outdated or broken. Connect to outside sites at your own risk. The Theme/Plugin Directory does not endorse the content or accuracy of any listing or external website.
While information is made available, no guarantee is given that the details provided are correct, complete or up-to-date.
wpSocket is not related to the theme or plugin, and also not responsible and expressly disclaims all liability for, damages of any kind, arising out of the use, reference to, or reliance on, any information or business listed throughout our site.