Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • Password hashing in wordpress

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 806
    Comment on it

    WordPress doesn't ever store client passwords as plain content. This is the essential motivation behind why, on the off chance that you forget or lose your password, you have to reset it. Your password is not stored by wordpress, regardless of the possibility that if your database is hacked, the hacker won't does not know what your original password was. This is the reason why we hashed our password.

    At the point when a password is supplied for verification, the validation will include a touch of "salt" to make the string any longer and more protected. At that point,  cryptographic calculation is applied to it to make the password more protected. A particular plain content string will  produce the same hash. Its absolutely impossible.

    Distinctive hashing calculations have contrasting levels of security in light of the relative sizes of the hash strings created. A few (like SHA-2) are broadly acknowledged as being secure – meaning they haven't been effectively misused (yet). WordPress utilizes an open source library, the Portable PHP secret key hashing structure, to produce hashed strings utilizing a few accessible calculations.

    Example of password hashing:

    <?php
    $wp_hasher = new PasswordHash(8, TRUE);
    
    $password_hashed = '$P$BBCDD55D6LjfHDkINU5wF.v2BuuzO0/XPk/';
    $plain_password = 'hellotest';
    
    if($wp_hasher->CheckPassword($plain_password, $password_hashed)) {
        echo "YES, Matched";
    } else {
        echo "No, Wrong Password";
    }
    ?>

    You can also use Blowfish DES (if accessible) rather than MD5 to hash the password with 16 rounds of hashing:

    $wp_hasher = new PasswordHash(16, FALSE);
    $hashedPassword = wp_hash_password($password);

     

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: