They don't. See http://trac.wordpress.org/ticket/2394
Pål GD wrote:
Cornell Finch wrote:
I know this probably isn't the right place to put this but I don't
know where else to submit it:
http://www.theregister.co.uk/2007/11/21/google_md5_crack/
Is this something we should be worried about?
Collin
Yes, indeed. Wordpress should have been doing salting[1], which I
don't think they do.
[1] http://en.wikipedia.org/wiki/Salting_(cryptography)
_______________________________________________
wp-testers mailing list
[email protected]
http://lists.automattic.com/mailman/listinfo/wp-testers
_______________________________________________
wp-testers mailing list
[email protected]
http://lists.automattic.com/mailman/listinfo/wp-testers
