• Zikeji@programming.dev
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    One of the first things I did when I took over an old php project was convert to bcrypt and add logic to automatically upgrade the hash on their next login (and in case you’re wondering, we also removed the old insurance hashes and the upgrade logic after a while, forcing remaining users to do a password reset).