
Implement bcrypt hasher, transparent login upgrade, and explicit upgrade for passwords
Closed, Public

Authored by epriestley on Feb 18 2014, 7:06 PM.

Details

Summary

Ref T4443.

  • Add a password_hash()-based bcrypt hasher if password_hash() is available.
  • When a user logs in using a password, upgrade their password to the strongest available hash format.
  • On the password settings page:
    • Warn the user if their password uses any algorithm other than the strongest one.
    • Show the algorithm the password uses.
    • Show the best available algorithm.
Test Plan

As an md5 user, viewed password settings page and saw a warning. Logged out. Logged in, got upgraded, no more warning. Changed password, verified database rehash. Logged out, logged in.
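
A sketch of the login-time upgrade described in the summary, added here as an example; it is not code from this revision or from Phabricator. The `md5:` storage prefix, the iterated-MD5 legacy scheme, the bcrypt cost of 11 and all function names are assumptions made for illustration.

```php
<?php
// Added example; storage format and function names are hypothetical.

// Constructed legacy scheme: salted MD5 iterated 1000 times,
// stored as "md5:<salt>:<hex digest>".
function legacy_md5_hash(string $password, string $salt): string {
  $digest = $salt.$password;
  for ($i = 0; $i < 1000; $i++) {
    $digest = md5($digest);
  }
  return 'md5:'.$salt.':'.$digest;
}

function verify_stored(string $password, string $stored): bool {
  if (strncmp($stored, 'md5:', 4) === 0) {
    $parts = explode(':', $stored, 3);
    if (count($parts) !== 3) {
      return false;
    }
    // Recompute with the stored salt; compare in constant time.
    return hash_equals($stored, legacy_md5_hash($password, $parts[1]));
  }
  // bcrypt keeps its salt and cost inside the "$2y$..." string itself.
  return password_verify($password, $stored);
}

function needs_upgrade(string $stored): bool {
  if (strncmp($stored, 'md5:', 4) === 0) {
    return true;
  }
  // Also true for a bcrypt hash created with a lower cost.
  return password_needs_rehash($stored, PASSWORD_BCRYPT, ['cost' => 11]);
}

// Login is the only point where the plaintext is available, so the
// rehash happens here, and only after the old hash has verified.
function login(array &$user, string $password): bool {
  if (!verify_stored($password, $user['hash'])) {
    return false;
  }
  if (needs_upgrade($user['hash'])) {
    $user['hash'] = password_hash($password, PASSWORD_BCRYPT, ['cost' => 11]);
  }
  return true;
}

// Constructed sample account that starts on the legacy format.
$user = ['name' => 'alice', 'hash' => legacy_md5_hash('hunter2', 'c0ffee')];
var_dump(login($user, 'wrong'), login($user, 'hunter2'), needs_upgrade($user['hash']));
```

A failed login leaves the stored hash untouched; accounts that never log in again stay on the legacy format, which is why the settings page warning in the summary is a separate step.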

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

src/infrastructure/util/password/PhabricatorIteratedMD5PasswordHasher.php
15

The output of md5() has length 32, not 40.

src/infrastructure/util/password/PhabricatorPasswordHasher.php
111–130

bcrypt has salt embedded in the hash, so we need to be slightly more clever here.

261

Fixes a bug which is only relevant now that we have two hashers.

epriestley updated this revision to Unknown Object (????). Feb 18 2014, 7:10 PM
  • Fix an issue with comparing md5 signatures.
epriestley updated this revision to Unknown Object (????). Feb 18 2014, 7:13 PM
  • Fix some envelope open/close stuff.