Author: theevilipaddress
Description:
MediaWiki uses MD5 for encrypting user passwords, however that encryption method isn't secure any longer (see for example the lead section of http://en.wikipedia.org/wiki/MD5, including references). Though it might not be the most urgent problem so far (thus marked as minor), I believe that MediaWiki should switch someday to a more secure encryption method, at the moment SHA-2 seems to be the recommendation.
Version: 1.24rc
Severity: enhancement
URL: http://www.mail-archive.com/wikitech-l@lists.wikimedia.org/msg08830.html
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=54948