Alexei Sorokin 2861ae2823 [AuthCrypt] Password storage and comparison improvements
Password hashes are now stored in a TEXT attribute, not limited to 199 symbols.
That limitation makes no sense as password hashes are not the kind of
information to be indexed.

Actually replace crypt() with password_verify() for password checking, current
code left password_verify() unused.

Only update passwords when they use a different algorithm from the current
default. Previously "overwrite" meant rehashing every login.

Replace the "argon" boolean option with "algorithm" and "algorithm_options" for
better configurability.
The default remains whichever is default for PHP's password_hash.
2020-07-25 20:16:21 +03:00
..
2020-06-29 01:41:46 +03:00
2020-06-29 01:41:46 +03:00
2020-06-29 01:41:46 +03:00
2020-06-29 01:41:46 +03:00