{"id":23803535,"url":"https://github.com/d3cod3/wp-elsewhere-password","last_synced_at":"2025-11-11T07:31:56.937Z","repository":{"id":149329820,"uuid":"88402524","full_name":"d3cod3/wp-elsewhere-password","owner":"d3cod3","description":"Harden password encryption mechanism for wordpress","archived":false,"fork":false,"pushed_at":"2017-04-16T09:42:12.000Z","size":36,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-01-01T22:35:13.876Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/d3cod3.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-04-16T09:07:28.000Z","updated_at":"2017-04-16T09:09:30.000Z","dependencies_parsed_at":null,"dependency_job_id":"eb736f16-9c81-45db-b423-6f821701dbf9","html_url":"https://github.com/d3cod3/wp-elsewhere-password","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/d3cod3%2Fwp-elsewhere-password","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/d3cod3%2Fwp-elsewhere-password/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/d3cod3%2Fwp-elsewhere-password/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/d3cod3%2Fwp-elsewhere-password/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/d3cod3","download_url":"https://codeload.github.com/d3cod3/wp-elsewhere-password/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240054101,"owners_count":19740766,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-01T22:32:17.288Z","updated_at":"2025-11-11T07:31:56.910Z","avatar_url":"https://github.com/d3cod3.png","language":"PHP","readme":"# wp-elsewhere-password\n\nwp-elsewhere-password is a WordPress plugin to harden his password encryption mechanism.\n\nThis plugin requires PHP \u003e= 5.5.0 which introduced the built-in [`password_hash`](http://php.net/manual/en/function.password-hash.php) and [`password_verify`](http://php.net/manual/en/function.password-verify.php) functions.\n\n## Requirements\n\n* PHP \u003e= 5.5.0\n* WordPress \u003e= 4.4 (see https://core.trac.wordpress.org/ticket/33904)\n\n## Installation\n\nManually copy `libs/` folder and `wp-elsewhere-password.php` into your `mu-plugins` folder, [Must Use Plugins](https://codex.wordpress.org/Must_Use_Plugins).\n\nManually copy `wp-crypto.php` elsewhere, a good choice is copying it outside your server document root and then include it like this:\n\n```php\nrequire_once($_SERVER['DOCUMENT_ROOT'].'/../wp-crypto.php');\n```\n\nYou'll need to generate your personal encryption key, and add it to `wp-crypto.php`. To do that create a temporary php file like this:\n\n```php\n\u003c?php\n\nrequire_once(__DIR__ . \"/libs/php-encryption/CryptoAutoload.php\");\n\necho \\Defuse\\Crypto\\Key::CreateNewRandomKey()-\u003esaveToAsciiSafeString();\n\n ?\u003e\n```\n\nOpen it in your browser to generate an encryption key, copy-paste it in `wp-crypto.php` and save the file.\n\n## Libraries\n\nThis plugin use the following libraries:\n\n[constant_time_encoding](https://github.com/paragonie/constant_time_encoding/tree/v1.x) To prevent leak information about what you are encoding/decoding via processor cache misses\n\nand\n\n[php-encryption](https://github.com/defuse/php-encryption) To ensure the use of a secure encryption mechanism.\n\n## Thanks\n\nThanks to [wp-password-bcrypt](https://github.com/roots/wp-password-bcrypt) for a first introduction to the issue.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd3cod3%2Fwp-elsewhere-password","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fd3cod3%2Fwp-elsewhere-password","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd3cod3%2Fwp-elsewhere-password/lists"}