On 03/07/12 18:21, Anthony Ferrara wrote:
>> 2) I'd like to be able to check wether a stored password uses an outdated
> algorithm and update the hash in that case. For that I'd need either a
> function to extract the salt from a hash to pass it to password_hash() and
> compare the result with the
Am 03.07.2012 um 18:21 schrieb Anthony Ferrara:
> >> know you didn't like PASSWORD_MOST_SECURE. So what about keeping
> >> PASSWORD_DEFAULT as a moving target, documented, and just making the
> >> second parameter (algo) to password_hash required? That way users
> >
> > To be honest I'm not sure of
Christian,
> Hi Anthony,
> I tried sending this to intern...@php.net but it seems it didn't get
through...
Replying on list.
>> know you didn't like PASSWORD_MOST_SECURE. So what about keeping
>> PASSWORD_DEFAULT as a moving target, documented, and just making the
>> second parameter (algo) to p