描述
wp-password-bcrypt is a WordPress plugin to replace WP’s outdated and insecure
MD5-based password hashing with the modern and secure bcrypt.
It is written by roots.io people.
This plugin requires PHP >= 5.5.0 which introduced the built-in
password_hash and
password_verify functions.
See Improving WordPress Password Security
for more background on this plugin and the password hashing issue.
安装
- Upload the plugin files to the
/wp-content/plugins/password-bcryptdirectory, or install the plugin through the WordPress plugins screen directly. - Activate the plugin through the ‘Plugins’ screen in WordPress
常见问题
- Manual installation as a must-use plugin
-
If you don’t use Composer, you can manually copy
wp-password-bcrypt.phpinto yourmu-pluginsfolder.We do not recommend using this as a normal (non-MU) plugin. It makes it too easy to disable or remove the plugin.
评价
2018 年 3 月 19 日
Awesome!
2017 年 11 月 15 日
Simple solution of an important issue
2017 年 9 月 17 日
Every WordPress installation needs password hashing with bcrypt. Thanks 🙂
贡献者及开发者
更新日志
1.0.3
- Check for another password plugin.
1.0.2
- Added license file, excuse me.
1.0.1
- This is the WordPress-stlye version of the original roots wp-password-bcrypt plugin