https://bugzilla.wikimedia.org/show_bug.cgi?id=28085
--- Comment #30 from Daniel Friesen <[email protected]> ---

(In reply to comment #26)
> (In reply to comment #25)
> > C. If a login (email) and password combination are valid they can only point
> > to 1 account, that account should be logged in to.
>
> That constraint does not exist yet. Of course, we do not store passwords in
> plain text (very insecure). So to enforce this constraint, we would have to
> enforce that (email, hashedPassword) is unique.
>
> I'm not sure all the passwords use the same algorithm (legacy reasons). That
> would also have to be fixed (either all at once, or on login), then enforced
> going forward.

You're basing this all on the assumption that as long as the same password algorithm and same password is used, the hashed password will always be the same and can be checked for uniqueness through equality. This is completely false.

Unless you set `$wgPasswordSalt = false;` (which is insecure and only exists to support 3rd party systems doing login to MW wikis by directly messing with the database), we salt passwords when we hash them (well, they're not really hashes, but that's another topic). This means that if you hash the same password with the same algorithm, you're practically guaranteed that the end hash is going to be different each time. This is the very intent of salting passwords for security. It's not going to go away; otherwise we'd be vulnerable to rainbow tables.

So checking that passwords are unique just isn't going to happen.
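As an added illustration of the point made in this comment (not code from the bug or from MediaWiki itself), the snippet below models a salted credential format loosely patterned on MediaWiki's legacy `:A:` (unsalted, the `$wgPasswordSalt = false` case) and `:B:salt:` layouts; the exact layout, the account table and the salts are constructed assumptions. It shows that two accounts with the same email and password store different values once salted, so a uniqueness constraint on `(email, hashedPassword)` cannot be enforced by equality, and that the only workable check is to verify the password against each candidate account's stored value.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

def legacy_hash(password: str, salt: Optional[str]) -> str:
    """Stored credential for `password` (layout is an assumption, see lead-in)."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    if salt is None:                      # unsalted: same password -> same value
        return ":A:" + inner
    outer = hashlib.md5(f"{salt}-{inner}".encode("utf-8")).hexdigest()
    return ":B:" + salt + ":" + outer     # salted: value depends on the salt

def store_password(password: str, salted: bool = True) -> str:
    """What happens at set-time: a fresh random salt is drawn for every store."""
    return legacy_hash(password, secrets.token_hex(4) if salted else None)

def verify_password(password: str, stored: str) -> bool:
    """Recompute with the salt embedded in `stored`; compare in constant time."""
    parts = stored.split(":")
    salt = parts[2] if parts[1] == "B" else None
    return hmac.compare_digest(legacy_hash(password, salt), stored)

def matching_accounts(email: str, password: str,
                      accounts: Dict[str, Tuple[str, str]]) -> List[str]:
    """Account names sharing `email` whose stored value verifies `password`.

    Equality of stored values cannot find these; each candidate must be verified.
    Several results mean the login is ambiguous, which is the situation the bug
    discusses."""
    return [name for name, (acct_email, stored) in accounts.items()
            if acct_email == email and verify_password(password, stored)]

# Constructed sample table: name -> (email, stored credential). Both accounts
# use the same email and the same password "hunter2" but different salts.
SAMPLE_ACCOUNTS: Dict[str, Tuple[str, str]] = {
    "alice":     ("a@example.org", legacy_hash("hunter2", "0a1b2c3d")),
    "alice_alt": ("a@example.org", legacy_hash("hunter2", "4e5f6a7b")),
    "bob":       ("b@example.org", legacy_hash("hunter2", "8c9d0e1f")),
}

def distinct_stored_values(accounts: Dict[str, Tuple[str, str]]) -> int:
    """How many distinct stored values exist; 3 here despite one shared password."""
    return len({stored for _, stored in accounts.values()})
```

`distinct_stored_values(SAMPLE_ACCOUNTS)` is 3 although every account has the same password, while `matching_accounts("a@example.org", "hunter2", SAMPLE_ACCOUNTS)` still finds both of alice's accounts.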
