What are the Slack Archives?
It’s a history of our time together in the Slack Community! There’s a ton of knowledge in here, so feel free to search through the archives for a possible answer to your question.
Because this space is not active, you won’t be able to create a new post or comment here. If you have a question or want to start a discussion about something, head over to our categories and pick one to post in! You can always refer back to a post from Slack Archives if needed; just copy the link to use it as a reference..
hello, why Spryker uses bcrypt as default hashing algorithm ? argon2 is a way stronger and supported
hello, why Spryker uses bcrypt as default hashing algorithm ? argon2 is a way stronger and supported since php 7.3
Comments
-
Under the hood the Symfony Password Hasher is used, which used BCrypt as a default.
With the current version of Spryker Security Argon2 is used (Symfony changed the behavior to always use the best algorithm available).
So seeing bcrypt as password algorithm is a historical thing in Spryker.You can set the algorithm to argon2 explicitly in https://github.com/spryker/customer/blob/7.42.0/src/Spryker/Zed/Customer/Business/Customer/Customer.php
The main issue would be to migrate all your users to use the new algorithm as you will need their plain text password to encrypt it with a different algorithm.
You could add a little bit code into\Spryker\Zed\Customer\Business\Customer\Customer::tryAuthorizeCustomerByEmailAndPassword
to migrate passwords once a customer do a login.
That will not migrate all your customers but at least those who are active over time.0
Categories
- All Categories
- 42 Getting Started & Guidelines
- 7 Getting Started in the Community
- 8 Additional Resources
- 7 Community Ideas and Feedback
- 76 Spryker News
- 929 Developer Corner
- 787 Spryker Development
- 89 Spryker Dev Environment
- 362 Spryker Releases
- 3 Oryx frontend framework
- 35 Propel ORM
- 68 Community Projects
- 3 Community Ideation Board
- 30 Hackathon
- 3 PHP Bridge
- 6 Gacela Project
- 26 Job Opportunities
- 3.2K 📜 Slack Archives
- 116 Academy
- 5 Business Users
- 370 Docker
- 551 Slack General
- 2K Help
- 75 Knowledge Sharing
- 6 Random Stuff
- 4 Code Testing
- 32 Product & Business Questions
- 70 Spryker Safari Questions
- 50 Random