Manual:$wgPasswordDefault/zh

From Linux Web Expert

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
<translate> Authentication</translate>: $wgPasswordDefault
當用雜湊演算打散密碼時的預設密碼類型。
<translate> Introduced in version:</translate>1.24.0 (Gerrit change 77645; git #95a8974c)
<translate> Removed in version:</translate><translate> still in use</translate>
<translate> Allowed values:</translate>(字符串)
<translate> Default value:</translate>'pbkdf2'

詳情

當用雜湊演算打散使用者密碼時的預設密碼類型。 A and B are considered insecure by modern standards. PBKDF2 and bcrypt are considered to be of moderate security level and Argon2 is the most secure value of currently supported options. After changing this setting, users will have their password updated to the new format on next login.

改變預設值

  1. 檢查 ../includes 目錄中的 "DefaultSettings.php" 檔,以了解可用和目前的密碼加密類型。
  2. 如果您想更改加密方式,請將變數 $wgPasswordDefault 添加到“LocalSettings.php”文件中,例如:恢復到舊的 MD5 演算法:
    $wgPasswordDefault = 'B';
    
  3. 為了讓密碼以新格式保存,每個用戶至少必須進行一次登錄。 這樣就將資料庫中的密碼更新到新指定的格式了。
    或者,您可以使用 "wrapOldPasswords.php" 腳本來轉換所有密碼的雜湊算法,而無需等待用戶登錄。請注意,此腳本僅適用於pbkdf2-legacyA, pbkdf2-legacyB Note that this script only works for pbkdf2-legacyA, pbkdf2-legacyB.
  4. 檢查 MySQL 資料庫是否已將新格式應用於各欄位。
    Select user_password from wikidbname.user where user_password like ':B:%';
    

參見