-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim Starling wrote:
Password hashes were the hobby horse that first convinced me to get involved in MediaWiki programming, back in 2003. Here's my outraged post:
Ahh, the good old days... :D
Password hashes will be migrated to the :A: or :B: style on upgrade, and after that, you'll be able to switch $wgPasswordSalt on and off at will, and all passwords will continue to work. Before upgrade, the software will understand the old-style hashes, but it requires $wgPasswordSalt to be set correctly.
When we eventually migrate from MD5 to Tiger/192 or whatever, we can introduce a type "C" hash and then convert the old hashes at our leisure.
Awesome!
This change has been on my mind for a while, but the immediate motivation is bug 14330.
Indeed; this nicely solves the problem of migrating passwords across wikis... applicable to other potential "merge multiple wiki" sort of tasks as well, if needed.
- -- brion