Why does backend login use SHA1 when it has been considered unsecure for a decade?

guillaumeprevost / docker-picocms

Docker version of PicoCMS, the flat file, markdown, lightweight, Content Management System

MIT License

5 stars 7 forks source link

Why does backend login use SHA1 when it has been considered unsecure for a decade? #2

Open ghuser655 opened 3 years ago

guillaumeprevost commented 1 year ago

Hi @ghuser655 sorry for the (very) late reply and thanks for your feedback !

The simple answer is that this is just a simple repo from a personal project of mine, I didn't go through any security checks or any update for several years on that.

Feel free to make a pull request if you feel like code should be updated !