On 21.10.2010 16:12, Miha Vrhovnik wrote: > I would also 2nd the usage of hash function and stronger algorithm > like whirlpool. Also as the hash algorithms are becoming longer.. They > should be base64 encoded, so I propose to also have a password_ecoding > parameter with 2 values (hex, base64)
hash() should definitely be used, and I'd recommend sha256 rather than whirlpool for obscure reasons but I'd be happy with any of them honestly, sha1 and especially md5 shouldn't be used anymore. Cheers -- Jordi Boggiano @seldaek :: http://seld.be/ -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
