Edward Z. Yang wrote:
> If I am not mistaken (and I may very well be), MediaWiki still uses MD5s to encrypt (well, technically hash, but it's named wfEncryptPassword(), heh heh) user passwords.
> [snip]
> If this is indeed the case, we should be considering migrating away from MD5 to a more secure algorithm like SHA256.
As a note: AFAIK versions of PHP prior to 5.1.2 include only MD5 and SHA-1 digest functions built in, and the rumor is SHA-1 isn't safe enough either.
There is an 'mhash' module with more algos including SHA256, but it appears not to be enabled by default: http://www.php.net/manual/en/ref.mhash.php
The more featureful 'hash' module is available by default from 5.1.2 on: http://www.php.net/manual/en/ref.hash.php
Currently MediaWiki supports PHP 5.0.4(?) and up, but 5.0 is mildly annoying (and has some nasty breakage with arrays causing it to fail on 64-bit systems.)
With appropriate hash functions present, we could indeed auto-upgrade hashes on login. (A new field is not necessarily required; the existing hash field can be upgraded to indicate the hash algo along with the hash value. And in a happy case of coincidence, the password hash fields are tinyblobs, so anything that fits in 255 bytes is cool...)
-- brion vibber (brion @ pobox.com)
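
The upgrade-on-login idea from the message above, as an added PHP example (not code from the message or from MediaWiki). The ":algo:hexdigest" field layout, the function names and the sample password are assumptions made for illustration; SHA256 is used because it is the algorithm proposed in the thread.

```php
<?php
// Added example. The ":algo:hexdigest" layout and all function names are
// assumptions for illustration, not MediaWiki's schema or code.

const PREFERRED_ALGO = 'sha256'; // algorithm proposed in the thread

// Split a stored field into array(algo, hexdigest), or null if unrecognised.
// A bare 32-char hex string is treated as a legacy, untagged MD5 hash.
function parseStoredHash($field) {
    if (preg_match('/^:([a-z0-9]+):([0-9a-f]+)$/', $field, $m)) {
        return array($m[1], $m[2]);
    }
    if (preg_match('/^[0-9a-f]{32}$/', $field)) {
        return array('md5', $field);
    }
    return null;
}

// Build the tagged value that goes back into the existing hash column.
function makeStoredHash($password, $algo = PREFERRED_ALGO) {
    return ':' . $algo . ':' . hash($algo, $password);
}

// Returns array(ok, newField). newField is non-null only when the login
// succeeded against an older algorithm and the row should be rewritten.
function checkAndUpgrade($password, $field) {
    $parsed = parseStoredHash($field);
    // Allowlist the tag so an unexpected value never reaches hash().
    if ($parsed === null || !in_array($parsed[0], array('md5', PREFERRED_ALGO), true)) {
        return array(false, null);
    }
    list($algo, $digest) = $parsed;
    // hash_equals() (PHP >= 5.6) compares in constant time.
    if (!hash_equals($digest, hash($algo, $password))) {
        return array(false, null);
    }
    $new = ($algo === PREFERRED_ALGO) ? null : makeStoredHash($password);
    return array(true, $new);
}

// Constructed sample: a legacy row holding a bare MD5 of "hunter2".
$legacy = md5('hunter2');
list($ok, $upgraded) = checkAndUpgrade('hunter2', $legacy);
var_dump($ok);                                   // login accepted
var_dump(strlen($upgraded) <= 255);              // still fits a tinyblob
var_dump(checkAndUpgrade('hunter2', $upgraded)); // accepted, no further upgrade
var_dump(checkAndUpgrade('wrong', $upgraded));   // rejected
```

The caller writes `newField` back to the user's row only when it is non-null, so accounts migrate one at a time as their owners log in.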