Enables the usage of password_hash in Magento 2.
While Magento 2 has improved its password hashing mechanism compared to its predecessor by using longer salts and switching over to SHA-256, it is still vulnerable to dictionary based brute-force attacks once an attacker compromises the database. You can read this excellent blogpost by Willem de Groot that clarifies the problem. It is advised to use a slow hashing algorithm to block this attack vector.
This module is distributed under the following licenses:
Cream is an e-commerce solution provider for the Magento platform. You'll find an overview of all our (open source) projects on our website.