Unlock Hidden Gems: Insider Secrets in WordPress 6.8 for Developers
Security: switched to bcrypt for password hashing
The algorithm that WordPress uses to hash and store user passwords in the database changed in WordPress 6.8 to bcrypt.
It previously used phpass, but the adoption of bcrypt strengthens password security by requiring significantly more computational power to crack password hashes.
If your plugin uses the wp_hash_password() or wp_check_password() functions, it should continue working as expected. However, if you were directly handling phpass hashes, you would need to update your code.
