mimecorg / webissues

WebIssues team collaboration system.
https://webissues.mimec.org/
GNU Affero General Public License v3.0

Replace MD5 Hashed Password with native php functions with bcrypt #63

Closed TAINCER closed 1 year ago

TAINCER commented 1 year ago

As discussed in https://github.com/mimecorg/webissues/issues/62, this replaces the hashing functions from phpass with the >PHP5.5 native functions with the bcrypt algorithm. Some methods from phpass still persist to ensure that the user can still log in with the MD5 password hashes.

For checking passwords, both the MD5 and bcrypt passwords are working; for saving new passwords, only bcrypt is being used. isNewHashNeeded also only checks for the bcrypt algorithm.

If a user logs in with an MD5 hash, it should be replaced with a bcrypt hash after the first login.
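
The login-time migration described in this comment, as an added example that is not code from this pull request or from WebIssues. It assumes the legacy values are phpass "portable" hashes (`$P$`/`$H$`, iterated salted MD5); the function names and the demo salt are hypothetical.

```php
<?php
// Added illustration; function names are hypothetical, not WebIssues code.
const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';

// phpass base-64 variant: 3 input bytes become 4 characters, low bits first.
function phpass_encode64(string $in, int $count): string {
    $out = '';
    for ($i = 0; $i < $count; ) {
        $v = ord($in[$i++]);
        $out .= ITOA64[$v & 0x3f];
        if ($i < $count) $v |= ord($in[$i]) << 8;
        $out .= ITOA64[($v >> 6) & 0x3f];
        if ($i++ >= $count) break;
        if ($i < $count) $v |= ord($in[$i]) << 16;
        $out .= ITOA64[($v >> 12) & 0x3f];
        if ($i++ >= $count) break;
        $out .= ITOA64[($v >> 18) & 0x3f];
    }
    return $out;
}

// Compute a phpass "portable" hash (iterated salted MD5) from the 12-character
// setting prefix of $setting; returns null if the setting is malformed.
function phpass_md5(string $password, string $setting): ?string {
    if (strlen($setting) < 12 || !in_array(substr($setting, 0, 3), ['$P$', '$H$'], true)) return null;
    $log2 = strpos(ITOA64, $setting[3]);
    if ($log2 === false || $log2 < 7 || $log2 > 30) return null;
    $hash = md5(substr($setting, 4, 8) . $password, true);
    for ($n = 1 << $log2; $n > 0; $n--) $hash = md5($hash . $password, true);
    return substr($setting, 0, 12) . phpass_encode64($hash, 16);
}

// Returns [accepted, replacementHash]; a non-null replacementHash must be
// written back to the user record by the caller.
function check_and_upgrade(string $password, string $stored): array {
    $legacy = password_get_info($stored)['algoName'] !== 'bcrypt';
    $expected = $legacy ? phpass_md5($password, $stored) : null;
    $ok = $legacy ? ($expected !== null && hash_equals($stored, $expected))
                  : password_verify($password, $stored);
    if (!$ok) return [false, null];
    // Rehash only after a successful check, while the plaintext is available.
    $upgrade = $legacy || password_needs_rehash($stored, PASSWORD_BCRYPT);
    return [true, $upgrade ? password_hash($password, PASSWORD_BCRYPT) : null];
}

// Constructed demo: a legacy hash with a made-up salt is accepted once and upgraded.
$old = phpass_md5('correct horse', '$P$Babcdefgh');
[$ok, $new] = check_and_upgrade('correct horse', $old);
var_dump($ok, password_get_info($new)['algoName'], check_and_upgrade('wrong', $old)[0]);
```

Accounts that never log in again keep their MD5-based hash, so the legacy branch has to stay until those records are reset or expired.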