Page MenuHomePhabricator

Implement bcrypt hasher, transparent login upgrade, and explicit upgrade for passwords
ClosedPublic

Authored by epriestley on Feb 18 2014, 7:06 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Mar 22, 2:37 AM
Unknown Object (File)
Tue, Mar 19, 7:42 AM
Unknown Object (File)
Tue, Mar 19, 7:42 AM
Unknown Object (File)
Tue, Mar 19, 7:42 AM
Unknown Object (File)
Tue, Mar 19, 7:42 AM
Unknown Object (File)
Tue, Mar 19, 7:12 AM
Unknown Object (File)
Tue, Mar 19, 6:48 AM
Unknown Object (File)
Mon, Mar 18, 2:53 PM
Subscribers

Details

Summary

Ref T4443.

  • Add a password_hash()-based bcrypt hasher if password_hash() is available.
  • When a user logs in using a password, upgrade their password to the strongest available hash format.
  • On the password settings page:
    • Warn the user if their password uses any algorithm other than the strongest one.
    • Show the algorithm the password uses.
    • Show the best available algorithm.
Test Plan

As an md5 user, viewed password settings page and saw a warning. Logged out. Logged in, got upgraded, no more warning. Changed password, verified database rehash. Logged out, logged in.

Diff Detail

Repository
rP Phabricator
Branch
hashalg3
Lint
Lint Passed
Unit
Tests Passed

Event Timeline

src/infrastructure/util/password/PhabricatorIteratedMD5PasswordHasher.php
15

The output of md5() has length 32, not 40.

src/infrastructure/util/password/PhabricatorPasswordHasher.php
111–130

bcrypt has salt embedded in the hash, so we need to be slightly more clever here.

261

Fixes a bug which is only relevant now that we have two hashers.

epriestley updated this revision to Unknown Object (????).Feb 18 2014, 7:10 PM
  • Fix an issue with comparing md5 signatures.
epriestley updated this revision to Unknown Object (????).Feb 18 2014, 7:13 PM
  • Fix some envelope open/close stuff.