Can I still use this component?

TheDoggyBrad Software Lab Posted in General Discussion 1 year ago

When I was browsing lianglee's (Arsalan Shah) github repository. This component caught the attention of my eye.
Is this thing still working or is it implemented in the core of OSSN 7?

I seen something similar in the OSSN Documentation:

•Argon2i is optimized to resist side-channel attacks. It accesses the memory array in a password independent order. (2015)

•bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999.

Supported algorithms are md5 OSSN v5.x, bcrypt, argon2i. Default is bcrypt.
-OSSN Documentation

My question here is that can I simply switch my whole OSSN installation's hashing algorithm from bcrypt to Argon2i using this component and switch all the current users's passwords from bcrypt to Argon2i. Or if I installed the component only the new users will only use the Argon2i.

Note: I have 0% knowledge on about passwords.

ph TheDoggyBrad Software Lab Replied 1 year ago


Indonesian Arsalan Shah Replied 1 year ago

Just leave default behavior don't use it

ph TheDoggyBrad Software Lab Replied 1 year ago

Or is it still better to still use bcrypt than Argon2i? or Argon2i is better than bcrypt.

Note: As I mentioned earlier, I have no knowledge about the encryption of passwords.