Skip to content
Snippets Groups Projects
Commit 77f08248 authored by Christian Futterlieb's avatar Christian Futterlieb Committed by Markus Klein
Browse files

[TASK] Compare password hashes in constant time 

In order to avoid time-based hash-based attacks, the native
PHP security functions are used instead of simple string
comparisons, when comparing passwords with hashes.

Change-Id: I0dbe2c12c5017f9d71ea7628ddd35d919510ac12
Releases: master
Resolves: #79888
Related: #79795
Reviewed-on: https://review.typo3.org/51737


Reviewed-by: default avatarHelmut Hummel <typo3@helhum.io>
Tested-by: default avatarHelmut Hummel <typo3@helhum.io>
Tested-by: default avatarTYPO3com <no-reply@typo3.com>
Reviewed-by: default avatarMads Lønne Jensen <mlj@systime.dk>
Reviewed-by: default avatarMarkus Klein <markus.klein@typo3.org>
Tested-by: default avatarMarkus Klein <markus.klein@typo3.org>
parent 2c5378c4
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 111 additions and 3 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment