Implement bcrypt hasher, transparent login upgrade, and explicit upgrade for passwords
ClosedPublic
Actions

Authored by epriestley on Feb 18 2014, 7:06 PM.

Details

Reviewers

btrahan

Maniphest Tasks

T4443: Use bcrypt / password_hash() to hash passwords if available

Commits

Restricted Diffusion Commit
rP580bcd0d2be4: Implement bcrypt hasher, transparent login upgrade, and explicit upgrade for…

Summary

Ref T4443.

Add a password_hash()-based bcrypt hasher if password_hash() is available.
When a user logs in using a password, upgrade their password to the strongest available hash format.
On the password settings page:
- Warn the user if their password uses any algorithm other than the strongest one.
- Show the algorithm the password uses.
- Show the best available algorithm.

Test Plan

As an md5 user, viewed password settings page and saw a warning. Logged out. Logged in, got upgraded, no more warning. Changed password, verified database rehash. Logged out, logged in.

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

epriestley added inline comments.Feb 18 2014, 7:08 PM

src/infrastructure/util/password/PhabricatorIteratedMD5PasswordHasher.php
15	The output of md5() has length 32, not 40.
src/infrastructure/util/password/PhabricatorPasswordHasher.php
111–130	bcrypt has salt embedded in the hash, so we need to be slightly more clever here.
261	Fixes a bug which is only relevant now that we have two hashers.