The source project of this merge request has been removed.
Update AuthCryptPlugin with backwards compatible bcrypt and argon2i password hashing support, fix timing attacks
This adds support for modern password hashing algorithms, and fixes timing attacks for old password verification.
For older versions of PHP that do not support password_hash() or password_verify(), the existing method will be used as a fallback. Passwords will be automatically updated to the newest default algorithm (PASSWORD_BCRYPT) if supported by that PHP version.