https://bugzilla.wikimedia.org/show_bug.cgi?id=28419
--- Comment #61 from Victor Vasiliev <vasi...@gmail.com> 2012-08-06 04:10:44 UTC --- I suggest we stop the cryptoparanoia competition here and finally get at least SHA-2 or WHIRLPOOL (since you people make such a great deal of implementing PBKDF2 so you can't get it done without tearing each other apart). We're still using MD5 right now for password storage. I could go ahead and patch the system myself. But it looks that it has been done at least twice, can we finally get *something* into gerrit? Preferrably in the small portions. If I were you, I'd start with OOP rewrite of the current password system without any new backends, then commit a patch with PDKBF2 backend, etc. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l