from Hacker News

WordPress still uses MD5 for hashing passwords

by lkurtz on 4/4/16, 2:39 PM with 5 comments

  • by CiPHPerCoder on 4/4/16, 3:05 PM

    This is actually incorrect.

    It's using Phpass by Solar Designer, which is not the same thing as merely "using MD5". Typically, I reserve that choice of words for constructions like this:

        $hash = md5($password);
        $hash = md5($password . $salt);
        // etc
    
    This MD5 code is still bad. They really should migrate to just using password_hash() and password_verify(), but they won't. They're committed to supporting PHP 5.2.x forever (or at least until every shared host in existence stops supporting 5.2, which is effectively forever).

    https://github.com/WordPress/WordPress/blob/6edbcc88ff5ba0ac...

    Note that, on newer versions of PHP, bcrypt will be used instead of the method linked by this HN submission.
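    An added example, not code from WordPress or from the commenter, showing the migration the comment recommends: verify a legacy Phpass `$P$` portable hash on login, then replace it with a `password_hash()` bcrypt hash and use `password_needs_rehash()` from then on. `phpass_check()` is a re-implementation of the portable-hash construction (salted, iterated MD5 with Phpass's own base64) written here from memory; treat it as an assumption and check it against real stored hashes before relying on it.

```php
<?php
// Phpass' alphabet for its custom base64 encoding.
const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';

function phpass_encode64(string $input, int $count): string {
    $out = ''; $i = 0;
    do {
        $value = ord($input[$i++]);
        $out .= ITOA64[$value & 0x3f];
        if ($i < $count) $value |= ord($input[$i]) << 8;
        $out .= ITOA64[($value >> 6) & 0x3f];
        if ($i++ >= $count) break;
        if ($i < $count) $value |= ord($input[$i]) << 16;
        $out .= ITOA64[($value >> 12) & 0x3f];
        if ($i++ >= $count) break;
        $out .= ITOA64[($value >> 18) & 0x3f];
    } while ($i < $count);
    return $out;
}

// Portable hash: "$P$" + cost char + 8-char salt + 22 encoded chars (34 total).
// Underneath it is md5(salt.password) iterated 2^cost times, so it is still MD5,
// just not the bare md5($password) the thread calls "using MD5".
function phpass_check(string $password, string $stored): bool {
    $id = substr($stored, 0, 3);
    if (strlen($stored) !== 34 || ($id !== '$P$' && $id !== '$H$')) return false;
    $log2 = strpos(ITOA64, $stored[3]);
    if ($log2 === false || $log2 < 7 || $log2 > 30) return false;
    $hash = md5(substr($stored, 4, 8) . $password, true);
    for ($n = 1 << $log2; $n > 0; $n--) $hash = md5($hash . $password, true);
    $computed = substr($stored, 0, 12) . phpass_encode64($hash, 16);
    return hash_equals($stored, $computed);   // constant-time compare
}

// Login path: accept either format and always leave a bcrypt hash behind.
// Returns [login_ok, new_hash_to_store_or_null].
function check_and_upgrade(string $password, string $stored): array {
    $id = substr($stored, 0, 3);
    if ($id === '$P$' || $id === '$H$') {               // legacy Phpass hash
        if (!phpass_check($password, $stored)) return [false, null];
        return [true, password_hash($password, PASSWORD_DEFAULT)];
    }
    if (!password_verify($password, $stored)) return [false, null];
    // Already bcrypt: rehash only if the cost or algorithm default has moved on.
    $new = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? password_hash($password, PASSWORD_DEFAULT) : null;
    return [true, $new];
}
```

    Because upgrading needs the plaintext, the swap can only happen at a successful login; accounts that never log in keep their Phpass hash, so a deployment should also track how many legacy hashes remain.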

  • by creshal on 4/4/16, 4:06 PM

    We wrote a plugin for this a while ago that uses crypt(3) with 5000 rounds SHA-256 and a 96 bit salt – it's the safest method I found that fit within WordPress' password hash column without altering it, even if I'd have preferred scrypt (argon2 wasn't out yet).

    I guess we should open source it after all.

  • by cryptos on 4/4/16, 3:08 PM

    I'm shocked! WordPress, the security pioneer among all the PHP-based apps, uses MD5 ...

  • by throwaway2016a on 4/4/16, 3:41 PM

    Please do not judge all PHP apps based on this... there are plenty of PHP apps that use better methods :(

  • by lkurtz on 4/4/16, 2:39 PM

    Passwords crack at a rate of 5000/second on my 3 year old, super bad GPU laptop :-/