FAIR

Federated and Independent Repositories

Password bcrypt

Plugin Banner

Password bcrypt

by Viktor Szépe

Download
Description

wp-password-bcrypt is a WordPress plugin to replace WP’s outdated and insecure
MD5-based password hashing with the modern and secure bcrypt.

It is written by roots.io people.

This plugin requires PHP >= 5.5.0 which introduced the built-in
password_hash and
password_verify functions.

See Improving WordPress Password Security
for more background on this plugin and the password hashing issue.

  1. Upload the plugin files to the /wp-content/plugins/password-bcrypt directory, or install the plugin through the WordPress plugins screen directly.
  2. Activate the plugin through the ‘Plugins’ screen in WordPress

Manual installation as a must-use plugin

If you don’t use Composer, you can manually copy wp-password-bcrypt.php into your mu-plugins folder.

We do not recommend using this as a normal (non-MU) plugin. It makes it too easy to disable or remove the plugin.

Works Perfectly

By Ward (YWard) on March 19, 2018

Awesome!

Simply the best

By Martin Hlavac (hlavacm) on November 15, 2017

Simple solution of an important issue

Important plugin!

By Michal Danko (michaldanko) on September 17, 2017

Every WordPress installation needs password hashing with bcrypt. Thanks 🙂

1.0.3

  • Check for another password plugin.

1.0.2

  • Added license file, excuse me.

1.0.1

Back to top