Currently passwords are stored using md5; this isn't recommended by php itself. Something like password_hash should be used instead. If not supporting php 5.4 isn't an option (it's more than 5 years old now), crypt should be used instead.
Rationale: an attacker able to get the hashes could trivially run a highly effective brute-force attack against them and retrieve their plain-text versions.
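An added example (not the project's code) of the migration the issue asks for: a login check that still accepts the legacy md5 hash, but replaces it with a password_hash() value on the first successful login and later rehashes when the default cost changes. It assumes a hypothetical `users` table with `password` and `hash_type` columns and that the legacy value is md5 of the bare password.

```php
<?php
// Added example, not the project's code. Assumes a hypothetical `users`
// table with columns `password` (stored hash) and `hash_type`
// ('md5' for legacy rows, 'bcrypt' once migrated), and that legacy
// rows hold md5($password). Requires PHP 5.6+ (password_hash is 5.5+,
// hash_equals is 5.6+); on older PHP, crypt() with a salt is the fallback.

function verify_and_upgrade(PDO $db, int $userId, string $password): bool
{
    $stmt = $db->prepare('SELECT password, hash_type FROM users WHERE id = ?');
    $stmt->execute([$userId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false;
    }

    if ($row['hash_type'] === 'md5') {
        // Legacy path: constant-time compare, then rehash immediately so the
        // md5 value never has to be kept once the plaintext is available.
        if (!hash_equals($row['password'], md5($password))) {
            return false;
        }
        store_hash($db, $userId, password_hash($password, PASSWORD_DEFAULT));
        return true;
    }

    if (!password_verify($password, $row['password'])) {
        return false;
    }
    // Upgrade if PASSWORD_DEFAULT or its cost has changed since hashing.
    if (password_needs_rehash($row['password'], PASSWORD_DEFAULT)) {
        store_hash($db, $userId, password_hash($password, PASSWORD_DEFAULT));
    }
    return true;
}

function store_hash(PDO $db, int $userId, string $hash): void
{
    $stmt = $db->prepare(
        'UPDATE users SET password = ?, hash_type = ? WHERE id = ?'
    );
    $stmt->execute([$hash, 'bcrypt', $userId]);
}
```

Rows still marked 'md5' after a grace period can be forced to reset, since their hash cannot be upgraded without the plaintext.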
an attacker able to get the hashes could trivially run a highly effective brute-force attack against them and retrieve their plain-text versions.
That's not the case. It is not trivial to find the plain-text password; it is affordable to get a collision which is not the real password in most cases.
Getting the real password is more likely to be done using rainbow tables. This is only true as long as you don't use a strong realm. I would suggest automatically setting a long random realm during install.
But of course, I agree that md5 should be replaced as soon as possible; I just think that the problem is not as bad as you described it.