Post by riwakawebsitedesigns » Sat Jun 20, 2015 1:34 pm

I would like to know How safe is the opencart 2.0 password using sha1 and salt?

Or should I be using password_hash()


Posts

Joined
Fri Dec 20, 2013 11:05 am

Post by rph » Sun Jun 21, 2015 1:21 am

If you have the ability use password_hash(). I do. It's specifically designed to deal with current password breaking techniques. And as part of the PHP core it will receive automatic updates as more secure hashing methods are developed.

The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.

-Ryan


rph
Expert Member

Posts

Joined
Fri Jan 08, 2010 5:05 am
Location - Lincoln, Nebraska

Post by IP_CAM » Sun Jun 21, 2015 8:08 pm

rph wrote:The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.
a very optimistic View, you just made my day ...
Ernie

For Sale: Turnkey URLs with Opencart installed
My latest Opencart LIGHT Testsite: http://www.bigmax.ch/
Attacker IP Blocks are denied from further access to my Sites!
Just contact me for more Information at: jti@jacob.ch
800+ FREE OC Extension-Repositories - from OC v.1.5.x up
on the largest Opencart-Mod Github Site: https://github.com/IP-CAM
Image


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 51 guests