Feature #26786

Use a safe password hashing mechanism

Added by Christopher Hlubek about 11 years ago. Updated almost 11 years ago.

Status:
Resolved
Priority:
Must have
Category:
-
Target version:
Start date:
2011-05-12
Due date:
% Done:

100%

Estimated time:

Description

The current AccountFactory uses the generateSaltedMd5 method of the HashService. Since MD5 is considered to be not safe, we should switch to either sha1 or another method for password hashing (e.g. also use an hmac).


Related issues

Related to TYPO3 Core - Feature #28230: Add support for PBKDF2 to hashingClosedStefan Neufeind2011-07-15

Actions

Also available in: Atom PDF