Post by riwakawebsitedesigns » Sat Jun 20, 2015 1:34 pm

I would like to know How safe is the opencart 2.0 password using sha1 and salt?

Or should I be using password_hash()


Posts

Joined
Fri Dec 20, 2013 11:05 am

Post by rph » Sun Jun 21, 2015 1:21 am

If you have the ability use password_hash(). I do. It's specifically designed to deal with current password breaking techniques. And as part of the PHP core it will receive automatic updates as more secure hashing methods are developed.

The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.

-Ryan


rph
Expert Member

Posts

Joined
Fri Jan 08, 2010 5:05 am
Location - Lincoln, Nebraska

Post by IP_CAM » Sun Jun 21, 2015 8:08 pm

rph wrote:The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.
a very optimistic View, you just made my day ...
Ernie

For Sale: Top URL's, including an OpenCart V-Pro Shop!
A wide range of matching Designs can be seen here: http://www.opencart.li
For Information on URL's offered, please contact me at: jti@jacob.ch
Hundreds of Mods in 380+ Repositories for OC v.1.5.x - v.2.3.x
to be found on my Github Site: https://github.com/IP-CAM
Image


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 25 guests