-
Notifications
You must be signed in to change notification settings - Fork 788
Notes on password & hashing salting in upcoming PHP versions (PHP 5.5.x & 5.6 etc.)
panique edited this page Jun 21, 2013
·
1 revision
[put relevant stuff here, this might be interesting]
####Note #1 From this question of stackoverflow: http://stackoverflow.com/q/17225629/1114320, the answer is actually from Anthony Ferrara, who has build the PHP 5.5 hashing function and the compatibility lib.
Note: Updates to supported algorithms by this function (or changes to the default one) must follow the follwoing rules:
- Any new algorithm must be in core for at least 1 full release of PHP prior to becoming default. So if, for example, a new algorithm is added in 5.5.5, it would not be eligible for default until 5.7 (since 5.6 would be the first full release). But if a different algorithm was added in 5.6.0, it would also be eligible for default at 5.7.0.
- The default should only change on a full release (5.6.0, 6.0.0, etc) and not on a revision release. The only exception to this is in an emergency when a critical security flaw is found in the current default.