Details
-
Improvement
-
Resolution: Unresolved
-
High
-
1.7.6, 2017.10, 1.12.0
-
None
Description
We should deprecate insecure login hash methods. We can't remove support for these hash types until all users have updated their passwords, or users will be shut out of their accounts. New stack and legacy have different strategies here. If we could make both of them do both of the below actions, then migration would go quicker.
- In new stack, hashes gets updated whenever users change their passwords.
- In legacy, hashes get updated whenever users log in.
Anyway, I don't think we can fully remove the old types until 3.x or suchlike. Deprecation, combined with log warnings and notification to customers, will have to do. We can, possibly, remove support for using them when creating new users, though I'm unsure if that is a good idea.
Attachments
Issue Links
- discovered while testing
-
EZP-24744 Increase password security
-
- Closed
-