CakePHP uses salted sha1 hashes for passwords by default, and has for a while. There has been some talk on the mailing list lately of switching the default hashing to something more secure, such as bcrypt. I think this is a great idea, and will find its way into CakePHP in a future release. Providing a reasonanle upgrade experience is the biggest problem to solve, if the default hashing strategy was to change. One option is to silently upgrading passwords. I’m not a fan of this approach as it has more room to go wrong, and possibly corrupt data. Another option, allowing developers to stick with sha1 if they have passwords hashed with it is a safer and probably better overall option.
While bcrypt is not part of CakePHP just yet, I wanted to see how difficult it would be to start using bcrypt today. Turns out it was pretty simple. Getting bcrypt working only required a subclass of FormAuthenticate and a two line change to the User class.
via Mark Story – Using bcrypt for passwords in CakePHP. Awesome, I tried doing this in CakePHP 1.3 a few weeks ago but couldn’t get it to work right all the time.