migratetoflarum / old-passwords

Re-hash passwords from an old platform on the fly
https://discuss.flarum.org/d/8631
MIT License

Support argon2 (phpbb algorithm) #6

Open Oreolek opened 2 months ago

Oreolek commented 2 months ago

Newer phpbb uses Argon2 for password hashing.

clarkwinkelmann commented 2 months ago

Thanks for the information!

Do you have a link to the implementation? If they use PHP's password_hash with PASSWORD_ARGON2I or PASSWORD_ARGON2ID, it will work with the bcrypt option in my extension because that's just using PHP's password_verify which will validate any of PHP's supported algorithms.

Oreolek commented 2 months ago

uh… both? https://github.com/phpbb/phpbb/tree/20080355271b797c12a04dfb2149f90c9a5cb24d/phpBB/phpbb/passwords/driver

clarkwinkelmann commented 2 months ago

Looking at their source code, it seems like both argon implementations extend base_native, which uses password_verify. So it should work with the bcrypt option in this extension.

I should probably rename/alias that option to something like "native" in my extension, as it will support all hashes that PHP can natively verify.

If you are using this extension with phpbb and argon, please give it a try and report back! I'll make bugfixes if necessary but it looks like this should not be needed for this.
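
The behaviour discussed in this thread, as an added example that is not part of the thread and is not code from the extension or from phpBB: one `password_verify` call handles bcrypt and Argon2 hashes alike because the algorithm, cost parameters and salt are read from the stored hash string. The function name `verifyLegacyHash`, its return shape and the bcrypt re-hash target are assumptions made for illustration.

```php
<?php
// Added example; verifyLegacyHash() and its return shape are hypothetical.

/**
 * Verify a password against a hash imported from the old platform and,
 * on success, produce a replacement hash in the target algorithm.
 * $targetAlgo is left untyped: the PASSWORD_* constants were ints before PHP 7.4.
 */
function verifyLegacyHash(string $password, string $storedHash, $targetAlgo = PASSWORD_BCRYPT): array
{
    $info = password_get_info($storedHash);

    // 'algo' is null (PHP >= 7.4) or 0 (older) when the string is not a
    // format password_verify() understands, e.g. a raw MD5 hex digest.
    if (empty($info['algo'])) {
        return ['ok' => false, 'algo' => 'unknown', 'newHash' => null];
    }

    // Algorithm, cost parameters and salt all come from the stored hash.
    if (!password_verify($password, $storedHash)) {
        return ['ok' => false, 'algo' => $info['algoName'], 'newHash' => null];
    }

    // Re-hash only if the stored hash is not already in the target format.
    $newHash = password_needs_rehash($storedHash, $targetAlgo)
        ? password_hash($password, $targetAlgo)
        : null;

    return ['ok' => true, 'algo' => $info['algoName'], 'newHash' => $newHash];
}

// Constructed sample data: hashes generated here, not taken from any real forum.
$samples = ['bcrypt' => password_hash('correct horse', PASSWORD_BCRYPT)];
// The Argon2 constants exist only when PHP was built with Argon2 support.
if (defined('PASSWORD_ARGON2I'))  { $samples['argon2i']  = password_hash('correct horse', PASSWORD_ARGON2I); }
if (defined('PASSWORD_ARGON2ID')) { $samples['argon2id'] = password_hash('correct horse', PASSWORD_ARGON2ID); }
$samples['md5-hex'] = md5('correct horse'); // not a crypt-style hash, must be rejected

foreach ($samples as $label => $hash) {
    $good = verifyLegacyHash('correct horse', $hash);
    $bad  = verifyLegacyHash('wrong guess', $hash);
    printf("%-9s algo=%-8s correct=%s wrong=%s rehashed=%s\n", $label, $good['algo'],
        var_export($good['ok'], true), var_export($bad['ok'], true),
        var_export($good['newHash'] !== null, true));
}
```

On a PHP build without Argon2 support the Argon2 rows are skipped, and an imported Argon2 hash would fail verification on such a server, which is worth checking on the target host before migrating.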