I would like to know How safe is the opencart 2.0 password using sha1 and salt?
Or should I be using password_hash()
If you have the ability use password_hash(). I do. It's specifically designed to deal with current password breaking techniques. And as part of the PHP core it will receive automatic updates as more secure hashing methods are developed.
The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.
The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.
-Ryan
a very optimistic View, you just made my day ...rph wrote:The only good news with OpenCart's method is that it's not in popular password cracking software yet. That won't last forever, though.
Ernie
My Github OC Site: https://github.com/IP-CAM
5'600 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Who is online
Users browsing this forum: No registered users and 35 guests
