Passwords should always be saved as an encrypted hash. DokuWiki supports multiple hash methods, which one it should use is defined by this option. What you choose here depends on your security needs and if you want to use an existing authentication database. DokuWiki is able to determine which method was used from an encrypted password, so you can always change the used method as long as your authentication backend supports this.
When using salted hashing, a random salt is generated when the user is initially assigned a password, and each time the user changes their password. The salt is stored with the password. Whether DokuWiki is able to apply a salt depends on the authentication backend used.
The following hash methods are available:
Option | Description |
---|---|
smd5 | Salted MD5 hashing |
md5 | Simple MD5 hashing (this was the method used in older Releases) |
apr1 | Apache style salted MD5 hashs |
sha1 | SHA1 hashing |
ssha | Salted SHA1 hashing (as used in LDAP) |
crypt | Unix crypt |
mysql | Password as used in MySQL before Version 4.1.1 |
my411 | Password as used in MySQL 4.1.1 or higher |
kmd5 | Another salted MD5 based hashing as used in UNB |
pmd5 | Salted MD5 based algorithm as used by Wordpress |
hmd5 | Same as pmd5 but as used by PhpBB3 |
mediawiki | Salted MD5 hashing as used by MediaWiki (Method B) |
djangosha1 | Salted SHA1 hashing as used by the Python Django Framework. |
djangomd5 | Salted MD5 hashing as used by the Python Django Framework. |
bcrypt | Salted bcrypt passwords (hashed). Needs PHP 5.3+ |
sha512 | Salted SHA512 hashing. Needs PHP 5.3.2+ |
argon2i | Argon2i hashing. Needs PHP 5.5.0+ |
argon2id | Argon2id hashing. Needs PHP 5.5.0+ |
bcrypt