Ticket Details

Encryption Changes

ENHANCEMENT Ticket (closed) 

We should consider implementing bcrypt into the Auth Class for a password method. As this is more secure then most methods in php. 


THanks.
on 12.20.10 reported by: moos3 owned by: daschl

Updates

(fixed) on 07.03.11 by daschl
  • owner was changed to daschl
  • status was changed to closed
  • resolution was changed to fixed
Lithium now has blowfish (bcrypt) support built in. See http://lithify.me/docs/lithium/security/Password::salt%28%29 and http://lithify.me/docs/lithium/security/Password::hash%28%29 for details. You can also integrate this with the Auth class, see http://lithify.me/docs/lithium/security/auth/adapter/Form for some docs on it.