Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update password hash to use php password_hash by default #7439

Merged
merged 1 commit into from
Jun 24, 2019
Merged

Update password hash to use php password_hash by default #7439

merged 1 commit into from
Jun 24, 2019

Conversation

mattlorimer
Copy link
Member

Description

This updated user password hashing to use the new php password_hash implementation. This is greatly increase the security of user password stored in the database. It is fully backward compatible with previous password hashing, used in SuiteCRM, so should not cause any issues with users already using previous implementations of password hashing.

How To Test This

  1. See that you can login to the application, api(s) using the existing password standard and backward compatible standards.
  2. Update your password and see that it stored using the more secure hash and test that you can still login in all places.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Final checklist

  • My code follows the code style of this project found here.
  • My change requires a change to the documentation.
  • I have read the How to Contribute guidelines.

@mattlorimer mattlorimer marked this pull request as ready for review June 20, 2019 12:01
@cameronblaikie
Copy link
Contributor

Assessed 👍

@cameronblaikie cameronblaikie added the Status:Assessed PRs that have been tested and confirmed to resolve an issue by a core team member label Jun 24, 2019
@Dillon-Brown Dillon-Brown merged commit cab227d into salesagility:hotfix-7.10.x Jun 24, 2019
@Dillon-Brown Dillon-Brown mentioned this pull request Jun 24, 2019
Merged
6 tasks
@mattlorimer mattlorimer deleted the feature/newPasswordHash branch February 25, 2020 14:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gymad gymad gymad approved these changes

Assignees
No one assigned
Labels
Status:Assessed PRs that have been tested and confirmed to resolve an issue by a core team member
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mattlorimer @cameronblaikie @gymad @Dillon-Brown