Page MenuHomePhabricator
Create Task
Maniphest T70766

Change $wgPasswordDefault to PBKDF2 on WMF wikis
Closed, ResolvedPublic
Actions

Description

The password hashing API patch has been merged. Once it is deployed, we should switch WMF wikis over to PBKDF2.

Version: wmf-deployment
Severity: enhancement

Details

Reference
bz68766

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 3:29 AM
bzimport added a project: Wikimedia-Site-requests.
bzimport set Reference to bz68766.
bzimport added a subscriber: Unknown Object (MLST).
Parent5446 created this task.Jul 28 2014, 8:20 PM
Aklapper added a comment.Jul 30 2014, 10:04 AM

(In reply to Tyler Romeo from comment #0)

The password hashing API patch has been merged.

For the records: https://gerrit.wikimedia.org/r/#/c/77645/ and https://gerrit.wikimedia.org/r/#/c/149658/

gerritbot added a comment.Aug 13 2014, 6:31 PM

Change 153850 had a related patch set uploaded by Parent5446:
Set $wgPasswordDefault to old MD5

https://gerrit.wikimedia.org/r/153850

gerritbot added a comment.Aug 14 2014, 6:19 PM

Change 153850 merged by jenkins-bot:
Set $wgPasswordDefault to old MD5

https://gerrit.wikimedia.org/r/153850

duplicatebug added a comment.Aug 27 2014, 7:01 PM

Maybe it is possible to keep/set PBKDF2 on labs wikis for testing and only set to md5 for production.

gerritbot added a comment.Sep 2 2014, 11:34 PM

Change 158024 had a related patch set uploaded by Parent5446:
Set password default to PBKDF2

https://gerrit.wikimedia.org/r/158024

gerritbot added a comment.Sep 11 2014, 7:53 PM

Change 158024 merged by jenkins-bot:
Set password default to PBKDF2

https://gerrit.wikimedia.org/r/158024

Umherirrender added a comment.Sep 13 2014, 7:34 AM

successfully merged

Xqt mentioned this in T229364: CSRF token issues (tracking).Jul 30 2019, 5:51 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL