Post by riwakawebsitedesigns » Sat Jun 20, 2015 1:34 pm

I would like to know How safe is the opencart 2.0 password using sha1 and salt?

Or should I be using password_hash()


Posts

Joined
Fri Dec 20, 2013 11:05 am

Post by rph » Sun Jun 21, 2015 1:21 am

If you have the ability use password_hash(). I do. It's specifically designed to deal with current password breaking techniques. And as part of the PHP core it will receive automatic updates as more secure hashing methods are developed.

The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.

-Ryan


rph
Expert Member

Posts

Joined
Fri Jan 08, 2010 5:05 am
Location - Lincoln, Nebraska

Post by IP_CAM » Sun Jun 21, 2015 8:08 pm

rph wrote:The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.
a very optimistic View, you just made my day ...
Ernie

For Sale: Top URL's, including OpenCart V-Pro installed, like seen here:
http://www.bigmax.ch - http://www.ipcam.li - http://www.opencart.li
For Information + URL's offered, please contact me at: jti@jacob.ch
I am NOT available for Custom Support in existing OC Installations!
My Github Repositories: https://github.com/IP-CAM
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: lordohtu and 23 guests