Koch
commented
5 years ago I'll take a look as soon as I get a dev copy of Wannabe working correctly
Closed KristianLyng closed 3 years ago
Koch
commented
5 years ago I'll take a look as soon as I get a dev copy of Wannabe working correctly
niccofyren
commented
5 years ago @Koch 👋Do you mind if I take a stab at this, if you haven't gotten the chance yet? Started on some unrelated tweaks that seem to transition nicely into this issue 🤷♂
Koch
commented
5 years ago feel free @niccofyren
mfyll
commented
4 years ago @niccofyren Can we close this issue?
niccofyren
commented
4 years ago The main part not done is this
we can and probably should require all users to reset passwords
Users hashes will be automatically upgraded when people log in, but old hashes for inactive users might still be present if existing database is compromised.
So think this could be closed, but might want to do some sort of manual hash purging for old users as well?
mfyll
commented
3 years ago @niccofyren Yes, wipe passwords, force users to change.
Close when done 👯♂️
We are, unfortunately, still using MD5 for hashes. This sucks, is horrible, etc.
It's been on the board for ages, but never been fixed.
Please note that since wannabe was used with 0 encryption (TLS/SSL) for the majority of its life span, we should also assume that passwords are compromised regardless. So it is not a hard requirement that a move to bcrypt or sha-something provides a migration path for old passwords - we can and probably should require all users to reset passwords. This should make it easier to switch algorithms - if it works in dev, it's basically fine, as long as the change is made out side of "peak hours" (e.g.: not during TG).
Anyone up for this?