If I am not mistaken (and I may very well be), MediaWiki still uses MD5s
to encrypt (well, technically hash, but it's named wfEncryptPassword(),
heh heh) user passwords.

    function wfEncryptPassword( $userid, $password ) {
        global $wgPasswordSalt;
        $p = md5( $password);
        if($wgPasswordSalt)
            return md5( "{$userid}-{$p}" );
        else
            return $p;
    }

If this is indeed the case, we should be considering migrating away from
MD5 to a more secure algorithm like SHA256. The breadth of attacks
against this hashing scheme has grown incredibly sophisticated, and
over where I consult, we generally discourage new developers from using
MD5 for any security-related purposes (still makes a fine good checksum
though).

Migrating the hashes would probably prove to be tricky, but if we
implement appropriate hooks, with the addition of only one new field we
could easily "magically" update the fields once a user logs in, and the
system is (for one short request) in possession of the plaintext
password. The old algorithm could be supported indefinitely, but only
for old user accounts that haven't upgraded yet; all new accounts would
use the new hashing scheme. We could even rename the function to
something more accurate!

What say the developers?
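
The upgrade-on-login idea from the message, as an added example that is not MediaWiki code and not part of the original post. The user-row layout and the names legacyHash() and checkAndUpgrade() are hypothetical, and the new scheme here is PHP's password_hash() (salted and deliberately slow) rather than the bare SHA-256 the message suggests.

```php
<?php
// Added example, not MediaWiki code. $wgPasswordSalt mirrors the global in the
// quoted function; the user-row layout and function names are hypothetical.
$wgPasswordSalt = true;

// Legacy scheme exactly as quoted in the message.
function legacyHash( $userid, $password ) {
    global $wgPasswordSalt;
    $p = md5( $password );
    return $wgPasswordSalt ? md5( "{$userid}-{$p}" ) : $p;
}

// Check a login attempt against a user row and upgrade legacy rows in place.
// $user is [ 'id' => int, 'scheme' => 'md5'|'php', 'hash' => string ];
// 'scheme' is the one new field. Returns true on a correct password.
function checkAndUpgrade( array &$user, $password ) {
    if ( $user['scheme'] === 'php' ) {
        if ( !password_verify( $password, $user['hash'] ) ) {
            return false;
        }
        // Re-hash if the default algorithm or cost has changed since storage.
        if ( password_needs_rehash( $user['hash'], PASSWORD_DEFAULT ) ) {
            $user['hash'] = password_hash( $password, PASSWORD_DEFAULT );
        }
        return true;
    }
    // Legacy row: constant-time comparison against the old MD5 value.
    if ( !hash_equals( $user['hash'], legacyHash( $user['id'], $password ) ) ) {
        return false;
    }
    // The plaintext is available for this one request: replace the stored hash.
    $user['hash'] = password_hash( $password, PASSWORD_DEFAULT );
    $user['scheme'] = 'php';
    return true;
}

// Constructed sample account stored under the legacy scheme.
$user = [ 'id' => 42, 'scheme' => 'md5', 'hash' => legacyHash( 42, 'correct horse' ) ];

var_dump( checkAndUpgrade( $user, 'wrong guess' ) );   // failed login leaves the row alone
var_dump( $user['scheme'] );
var_dump( checkAndUpgrade( $user, 'correct horse' ) ); // verified against MD5, then upgraded
var_dump( $user['scheme'] );
var_dump( checkAndUpgrade( $user, 'correct horse' ) ); // later logins use password_verify()
```

Rows that never log in keep their MD5 hash indefinitely, so the legacy branch has to stay until those accounts are reset or expired.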