Post by riwakawebsitedesigns » Sat Jun 20, 2015 1:34 pm

I would like to know How safe is the opencart 2.0 password using sha1 and salt?

Or should I be using password_hash()


Posts

Joined
Fri Dec 20, 2013 11:05 am

Post by rph » Sun Jun 21, 2015 1:21 am

If you have the ability use password_hash(). I do. It's specifically designed to deal with current password breaking techniques. And as part of the PHP core it will receive automatic updates as more secure hashing methods are developed.

The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.

-Ryan


rph
Expert Member

Posts

Joined
Fri Jan 08, 2010 5:05 am
Location - Lincoln, Nebraska

Post by IP_CAM » Sun Jun 21, 2015 8:08 pm

rph wrote:The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.
a very optimistic View, you just made my day ...
Ernie

For Sale: Turnkey Top URLs with Opencart installed!
Latest Opencart LIGHT + V-Pro Test Site: http://www.hitline.info
For more Information, please contact me at: jti@jacob.ch
Free OC Extensions from the largest Github OC Archive on Earth,
560+ Repositories - from OC v.1.5.x up
on my Github Opencart Site: https://github.com/IP-CAM
Image


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 76 guests