Hi
On 9/7/23 19:26, Tim Düsterhus wrote:
in response to the recent "PASSWORD_DEFAULT value" thread [1], I've
created an RFC to discuss an increase of the default BCrypt costs for
`password_hash()` from the current value of 10.
https://wiki.php.net/rfc/bcrypt_cost_2023
This message is intended to officially open the discussion period for
that RFC.
The minimum 14 days of discussion will be over tomorrow. I believe the
RFC is clearly written, sufficiently explains possible drawbacks and
gives enough data to make an information decision.
As such I don't expect any more meaningful discussion and plan open the
vote shortly after the 14 days are actually over to get this off my list.
Best regards
Tim Düsterhus
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
