Nicolas: On Thu, Sep 13, 2012 at 7:33 AM, Nicolas Grekas < nicolas.grekas+...@gmail.com> wrote:
> Hi, > > What do you think about adding PHPass compatibility to the password hashing > API ? > We could add two new algos : PASSWORD_MD5 and PASSWORD_EXT_DES. > That way, existing password crypted using phpass ($P$*, $H$*, _* prefix) > could be verified using the password hashing API. > PHPass implementation could then be merged with > https://github.com/ircmaxell/password_compat to provide a forward > compatible PHP Implementation for users without PHP5.5. > The way password_verify is implemented, it can use any crypt(3) generated hash for verification. It's just a proxy to crypt() with a few extra checks (it won't verify STD_DES, as it's too short). With respect to adding those algorithms for generating hashes, I'm 100% dead set against it. Both are significantly weaker algorithms than BCrypt. I'd rather have this API only contain strong algorithms. As far as merging PHPASS, I don't really see the reason either. It's a weaker algorithm (by a long shot). And it's not really tested as an algorithm outside of the PHP community. For versions < 5.3, it's better than what's trivially available (though PBKDF2 + SHA2 is significantly better, and easily implementable in 5.2). But for 5.3+ there are a number of algorithms available that are significantly stronger (SHA256, SHA512, BCRYPT). The last thing I want to happen is to give the user the ability to make a bad choice without knowing any better (which is why BCRYPT is the only option so far). If you want to support PHPASS passwords, just write a quick wrapper that checks the prefix, and if it's PHPASS, hash it with PHPASS, then upgrade the hash. It's not that difficult to implement... Anthony
