gnu-social/modules/AuthCrypt/README.md
Alexei Sorokin 7d7dbe627b [AuthCrypt] Password storage and comparison improvements
Password hashes are now stored in a TEXT attribute, not limited to 199 symbols.
That limitation makes no sense as password hashes are not the kind of
information to be indexed.

Actually replace crypt() with password_verify() for password checking, current
code left password_verify() unused.

Only update passwords when they use a different algorithm from the current
default. Previously "overwrite" meant rehashing every login.

Replace the "argon" boolean option with "algorithm" and "algorithm_options" for
better configurability.
The default remains whichever is default for PHP's password_hash.
2021-07-16 19:44:37 +01:00

1.5 KiB

AuthCrypt allows for GNU social to use password_hash() hashing to store password credentials.

Settings

You can change these settings in config.php with $config['AuthCryptModule'][{setting name}] = {new setting value};.

Default values in parenthesis.

authoritative (false): Set this to true when all passwords are hashed with password_hash() (warning: this may disable all other password verification, also when changing passwords!) algorithm (PASSWORD_DEFAULT): A hashing algorithm to use, the default value is defined by PHP. See all supported strings at https://php.net/password-hash algorithm_options (['cost' => 12] if "algorithm" is bcrypt): Hashing algorithm options. See all supported values at https://php.net/password-hash statusnet (true): Do we check the password against legacy StatusNet md5 hash? (notice: will check password login against old-style hash and if 'overwrite' is enabled update using crypt()) overwrite (true): Do we overwrite password hashes on login if they used a different algorithm (notice: to make use of stronger security or migrate obsolete hashes, this must be true) password_changeable (true): Enables or disables password changing. (notice: if combined with authoritative, it disables changing passwords and removes option from menu.) autoregistration: This setting is ignored. Password can never be valid without existing User. provider_name: This setting defaults to 'crypt' but is never stored anywhere.

Technical note: Many settings are inherited from the AuthenticationModule class.