bcrypt and BLAKE2b: A New Password Hashing Algorithm in WordPress 6.8
In WordPress 6.8, passwords will be hashed using bcrypt instead of phpass. Cracking such hashes requires significantly more resources.
Application passwords, password reset keys, personal data request keys, and recovery mode keys will switch to the BLAKE2b algorithm.
bcrypt is a deliberately slow hash designed for password storage. In PHP it is used via password_hash() / password_verify(). WordPress 6.8 pre-hashes the password with SHA-384 before bcrypt to work around bcrypt's 72-byte input limit, so that every byte of a long password contributes to the hash.
BLAKE2b is a fast hash for keys and tokens: faster than SHA-256 with comparable security. PHP's libsodium extension (or the sodium_compat polyfill that WordPress bundles for servers without it) already implements it, so WordPress simply calls sodium_crypto_generichash() instead of running the old phpass routine in PHP. The result is both faster and more secure.
Admins and users do not need to do anything. Old passwords and keys will continue to work as before. Users will remain authenticated without changing their passwords.
On a user's next login or password change, the hash is automatically recomputed with bcrypt and saved. Application passwords and keys are rehashed only when new ones are created; existing ones remain valid until they expire or are revoked.
Post passwords will still use phpass for now. Their hashing is planned to be improved later.
Portability
Hashes created by portable phpass remain portable across different sites, environments, and servers. This portability will not change with the switch to bcrypt and BLAKE2b, so you can move the database between servers, update PHP and WordPress, and the password hashes will work as expected.
Note about portable phpass
phpass has two modes:
- portable — pure PHP code, works everywhere.
- native — relies on crypt(), depends on compiled algorithms on the server.
WordPress used the portable mode so that hashes would keep working after a move to another server.
bcrypt hashes from password_hash() and BLAKE2b hashes from sodium_crypto_generichash() are cross-platform out of the box, so they are just as portable between servers.
Pre-hashing SHA-384 for Passwords
WordPress now uses bcrypt for password hashing, but bcrypt has a limitation: it considers only the first 72 bytes of the password. Anything longer is silently truncated and does not participate in the hash, so two long passwords that share their first 72 bytes produce the same hash. This weakens the protection of long passwords.
To avoid this, WordPress first runs the password through SHA-384; this step is called pre-hashing. The result is a fixed-length string (the 48-byte digest, encoded so that it contains no NUL byte, which would otherwise terminate bcrypt's input early) that fits comfortably within the 72-byte limit. This string is then fed to bcrypt.
To distinguish such pre-hashed bcrypt hashes from standard ones (for example, created by plugins), WordPress stores them with the prefix $wp$2y$ instead of the usual $2y$. The prefix tells wp_check_password() how the hash was produced, so it can apply the same pre-hashing before verifying.
Do developers need to do anything after the update?
Let's consider the scenarios of when and what needs to be done after updating WP to version 6.8:
- Almost always: nothing. Code that calls wp_hash_password() and wp_check_password() continues to work as before; no changes are required.
- The code works directly with the hash. Code that expects the $P$ prefix on a hash must be changed either to stop inspecting the prefix at all or to support the new prefixes as well. That is, remove the hard check for $P$ or add support for:
  - $wp$2y$: bcrypt with SHA-384 pre-hashing (the new default).
  - $2y$: plain bcrypt (may be written by plugins).
  - $generic$: BLAKE2b for tokens and keys.
  - $argon2…: if the site has switched to Argon2.
  - $P$: old phpass.
  - a 32-character MD5 hex string: rare, from very old installs.
- The code checks passwords. Such code should call wp_check_password() for user passwords and wp_verify_fast_hash() for tokens and keys.
- The plugin overrides wp_hash_password() and wp_check_password(). If the overrides do not implement a different hashing algorithm, remove them so that the new bcrypt implementation takes effect.
- SSO, social login, 2FA. Alternative authentication mechanisms such as SSO, social login or one-time login are unlikely to be affected, and neither are multi-factor authentication (MFA, 2FA) implementations. Only check whether your code reads or writes the user_pass column or the "key" meta fields directly.
PHP Functions
Password Processing Functions
The functions wp_hash_password() and wp_check_password() now use the built-in PHP functions password_hash() and password_verify() with the bcrypt algorithm and SHA-384 pre-hashing.
Both functions retain support for the global object $wp_hasher in case it is used to implement an alternative hashing mechanism.
The function wp_check_password() maintains support for passwords hashed with phpass, so existing hashes will not become obsolete.
A new function wp_password_needs_rehash() has been introduced as a wrapper around the PHP function password_needs_rehash(). If necessary, a plugin can change its logic through the filter password_needs_rehash or can completely override the function.
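The following is an added example written for this page; it is not WordPress core code. It models, in plain PHP 8, the pre-hashing scheme described above (SHA-384, then bcrypt, then the $wp prefix), the prefix list from the developer scenarios, and the wp_check_password() / wp_password_needs_rehash() behaviour of this section, including the opportunistic rehash of a legacy hash on login. Two details are the editor's assumptions rather than statements from the page: that the SHA-384 step is an HMAC with a fixed key, and that the raw digest is base64-encoded before bcrypt so that no NUL byte is fed to it. Verification of old phpass ($P$) hashes is delegated in WordPress to its bundled PasswordHash class, which is not reproduced here, so such hashes are rejected by this model.

```php
<?php
// Added example (not WordPress core code): a self-contained model of how
// WordPress 6.8 pre-hashes passwords before bcrypt, marks the result with the
// "$wp" prefix, verifies stored hashes of several generations, and decides
// whether a hash should be rewritten after a successful login.
// Assumptions (editor's, not from the page): fixed HMAC key for the SHA-384
// step, base64 encoding of the raw digest, phpass verification omitted.
declare(strict_types=1);

const WP_PREHASH_KEY = 'wp-sha384';   // assumption: fixed HMAC key
const BCRYPT_COST    = 10;            // password_hash() default cost

// 72-byte-safe, NUL-free representation of an arbitrarily long password:
// 48-byte SHA-384 digest -> 64 base64 characters. trim() mirrors wp_hash_password().
function prehash_password(string $password): string {
    return base64_encode(hash_hmac('sha384', trim($password), WP_PREHASH_KEY, true));
}

// wp_hash_password() for the bcrypt case: "$wp" + "$2y$..."
function wp_style_hash(string $password, int $cost = BCRYPT_COST): string {
    return '$wp' . password_hash(prehash_password($password), PASSWORD_BCRYPT, ['cost' => $cost]);
}

// Classify a stored hash by its prefix (the list from the developer scenarios).
function classify_hash(string $hash): string {
    if (str_starts_with($hash, '$wp$2y$'))     return 'bcrypt+sha384';
    if (str_starts_with($hash, '$2y$'))        return 'bcrypt';
    if (str_starts_with($hash, '$argon2'))     return 'argon2';
    if (str_starts_with($hash, '$generic$'))   return 'blake2b';
    if (str_starts_with($hash, '$P$'))         return 'phpass';
    if (preg_match('/^[0-9a-f]{32}$/', $hash)) return 'md5';
    return 'unknown';
}

// wp_check_password() for the non-phpass generations.
function wp_style_check(string $password, string $hash): bool {
    switch (classify_hash($hash)) {
        case 'bcrypt+sha384':
            return password_verify(prehash_password($password), substr($hash, 3));
        case 'bcrypt':   // plain bcrypt written by a plugin: no pre-hash, 72-byte truncation applies
        case 'argon2':   // Argon2 hashes are never pre-hashed by core
            return password_verify($password, $hash);
        case 'md5':      // pre-2.5 WordPress: unsalted MD5 of the raw password
            return hash_equals($hash, md5($password));
        default:         // phpass would go to PasswordHash::CheckPassword(); not modelled here
            return false;
    }
}

// wp_password_needs_rehash(): true when the stored hash should be replaced
// with the current default on the next successful login.
function wp_style_needs_rehash(string $hash, int $cost = BCRYPT_COST): bool {
    if (classify_hash($hash) !== 'bcrypt+sha384') {
        return true;   // legacy or plugin-written hash
    }
    return password_needs_rehash(substr($hash, 3), PASSWORD_BCRYPT, ['cost' => $cost]);
}

// Login flow: verify, then opportunistically upgrade the stored hash.
// Returns [authenticated, hash to store (unchanged if no rehash is needed)].
function login_and_upgrade(string $password, string $stored): array {
    if (!wp_style_check($password, $stored)) {
        return [false, $stored];
    }
    return [true, wp_style_needs_rehash($stored) ? wp_style_hash($password) : $stored];
}

// Why pre-hashing matters: two passwords that agree on their first 72 bytes
// collide under plain bcrypt but not once the whole string is pre-hashed.
// Cost 4 is used only to keep the demo fast; never use it in production.
function truncation_demo(): array {
    $base = str_repeat('a', 72);
    $p1 = $base . 'suffix-one';
    $p2 = $base . 'suffix-two';
    $plain = password_hash($p1, PASSWORD_BCRYPT, ['cost' => 4]);
    return [
        'plain_bcrypt_accepts_p2' => password_verify($p2, $plain),               // true
        'prehashed_accepts_p2'    => wp_style_check($p2, wp_style_hash($p1, 4)), // false
    ];
}

// Constructed demo data: a 32-hex MD5 hash from a very old install.
$md5_legacy = md5('correct horse');
[$ok, $new] = login_and_upgrade('correct horse', $md5_legacy);
printf("md5 login ok=%s, upgraded=%s, new prefix=%s\n",
    var_export($ok, true), var_export($new !== $md5_legacy, true), substr($new, 0, 7));
print_r(truncation_demo());
```

The upgrade path is the one the page describes for users: a legacy hash is accepted once, then replaced by a $wp$2y$ hash, so the next login already runs through the bcrypt branch. Note that a plain $2y$ hash written by a plugin is verified without pre-hashing, which is exactly why the prefix must be preserved when such hashes are handled directly.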
Fast Hashing Functions
New wrapper functions for the BLAKE2b algorithm have been introduced:
- wp_fast_hash() — hashes a string quickly.
  - Intended for generated secrets (application passwords, reset and recovery keys), which are long random strings and therefore do not need a slow hash.
  - What it does: takes the input string, computes its BLAKE2b hash, Base64-encodes it, and prepends the prefix $generic$.
  - Must not be used for user passwords: those are hashed with slow bcrypt precisely to make brute-force attacks expensive.
- wp_verify_fast_hash() — verifies a hash created by wp_fast_hash(). It also remains backward-compatible with old phpass hashes.
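The following is an added example written for this page, not WordPress core code. It models wp_fast_hash() and wp_verify_fast_hash() with the sodium extension: a keyed BLAKE2b digest, Base64-encoded and prefixed with $generic$, compared in constant time with hash_equals(), and shows how an application password would be issued and verified. The BLAKE2b key used for domain separation and the 32-byte digest length are the editor's assumptions; core's own values may differ, so the hashes produced here are not interchangeable with WordPress's. Legacy phpass hashes are only flagged, not verified, because that path runs through WordPress's bundled PasswordHash class.

```php
<?php
// Added example (not WordPress core code): a self-contained model of
// wp_fast_hash() / wp_verify_fast_hash() for generated, high-entropy secrets
// such as application passwords and reset keys. Requires the PHP sodium
// extension and PHP 8.0+ (str_starts_with).
// Assumptions (editor's): the BLAKE2b key and the digest length below.
declare(strict_types=1);

const FAST_HASH_KEY = 'wp_fast_hash_example_key';  // assumption; libsodium needs 16..64 bytes
const FAST_HASH_LEN = 32;                          // assumption: digest length in bytes

// wp_fast_hash() model: keyed BLAKE2b, Base64, "$generic$" prefix.
function fast_hash(string $secret): string {
    $digest = sodium_crypto_generichash($secret, FAST_HASH_KEY, FAST_HASH_LEN);
    return '$generic$' . base64_encode($digest);
}

// wp_verify_fast_hash() model: recompute and compare in constant time.
// Hashes without the "$generic$" prefix are legacy phpass hashes, which
// WordPress still accepts via PasswordHash; that path is not modelled here,
// so such hashes are rejected and should be detected with fast_hash_is_legacy().
function verify_fast_hash(string $secret, string $hash): bool {
    if (!str_starts_with($hash, '$generic$')) {
        return false;
    }
    return hash_equals($hash, fast_hash($secret));
}

function fast_hash_is_legacy(string $hash): bool {
    return !str_starts_with($hash, '$generic$');
}

// Issue an application password: 24 random characters from 144 bits of
// randomness, which is why a fast hash is sufficient (no user-chosen secret to
// brute-force). WordPress itself uses wp_generate_password(24, false); the
// generator below is a stand-alone substitute. The record mirrors the shape
// stored in the _application_passwords user meta: only the hash is persisted.
function issue_application_password(string $name): array {
    $plaintext = substr(strtr(base64_encode(random_bytes(18)), '+/', 'AB'), 0, 24);
    $record = [
        'uuid'     => bin2hex(random_bytes(16)),
        'name'     => $name,
        'password' => fast_hash($plaintext),
        'created'  => time(),
    ];
    return [$plaintext, $record];
}

// Constructed demo.
[$secret, $record] = issue_application_password('backup-script');
var_dump(verify_fast_hash($secret, $record['password']));          // true
var_dump(verify_fast_hash($secret . 'x', $record['password']));    // false
var_dump(fast_hash_is_legacy('$P$BsomeLegacyPhpassHashValue....')); // true: rotate on next issuance
```

The important design point is the split the page draws: a user password is low-entropy and gets bcrypt, while a 24-character generated secret has far more entropy than any feasible brute-force budget, so a fast keyed hash costs nothing in security and removes the phpass work factor from every REST request that presents an application password.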
Argon2 Algorithm
Argon2 is a modern memory-hard password hashing algorithm: besides CPU time it demands a significant amount of RAM, which makes brute-forcing its hashes on GPUs and ASICs costly and slow and so gives stronger protection than bcrypt.
Servers supporting Argon2 can enable its use in WP 6.8 with a single line of code:
add_filter( 'wp_hash_password_algorithm', fn() => PASSWORD_ARGON2ID );
If necessary, check Argon2 support first via the function password_algos().
Unfortunately, Argon2 cannot be relied upon to be available on every server: it requires libargon2 and a PHP build compiled with Argon2 support, and the sodium_compat polyfill that WordPress falls back to does not provide an Argon2 implementation.
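An added example for the Argon2 switch (written for this page, not WordPress code): it checks password_algos() before opting in, falls back to core's bcrypt default where Argon2id is missing, and registers the filter only when running inside WordPress. The page documents the wp_hash_password_algorithm filter; the wp_hash_password_options filter and its (options, algorithm) arguments are the editor's assumption and should be confirmed against the core source before use.

```php
<?php
// Added example (not WordPress core code): opt a site into Argon2id only where
// the PHP build supports it, falling back to bcrypt elsewhere. Runs stand-alone;
// inside WordPress (e.g. as an mu-plugin) it also registers the filters.
// Assumption: the 'wp_hash_password_options' filter name and argument order.
declare(strict_types=1);

// password_algos() lists the algorithms compiled into this PHP build. The string
// values equal PASSWORD_ARGON2ID / PASSWORD_BCRYPT on PHP 7.4+, and using them
// avoids referencing PASSWORD_ARGON2ID, which is undefined on builds without Argon2.
function choose_password_algorithm(): string {
    return in_array('argon2id', password_algos(), true) ? 'argon2id' : '2y';
}

// Tuning per algorithm. Argon2id: 64 MiB, 3 passes, one lane (libsodium-backed
// builds accept only threads=1). bcrypt: cost raised above PHP's default of 10.
function password_options_for(string $algo): array {
    return $algo === 'argon2id'
        ? ['memory_cost' => 64 * 1024, 'time_cost' => 3, 'threads' => 1]
        : ['cost' => 12];
}

if (function_exists('add_filter')) {
    add_filter('wp_hash_password_algorithm', 'choose_password_algorithm');
    add_filter('wp_hash_password_options', fn($options, $algo) => password_options_for($algo), 10, 2);
}

// Stand-alone check. Argon2 hashes carry no "$wp" prefix and no SHA-384
// pre-hash: core applies those only to bcrypt, so "$argon2id$..." hashes are
// verified directly with password_verify().
$algo = choose_password_algorithm();
$hash = password_hash('correct horse battery staple', $algo, password_options_for($algo));
printf("algorithm %s, hash prefix %s, verifies: %s\n",
    $algo, substr($hash, 0, 10),
    var_export(password_verify('correct horse battery staple', $hash), true));
```

Because wp_check_password() dispatches on the stored prefix, a site can switch the filter on and existing $wp$2y$ hashes keep verifying; they are rewritten as Argon2id on each user's next login, exactly as phpass hashes are migrated to bcrypt. Switching the filter off again is equally safe for the same reason.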
Useful Information
- User passwords are stored as hashes in the wp_users.user_pass column of the database.
- Application passwords are stored as hashes inside a serialized JSON object in the wp_usermeta table under the key _application_passwords.
- User password reset keys are stored as hashes in the wp_users.user_activation_key column of the database.
- Personal data request keys are stored as hashes in the wp_posts.post_password column of the database.
- The recovery mode key is stored as a hash in the wp_options option recovery_keys.
GitHub and Trac
Technical FAQs and implementation details are available in the GitHub PR for this change and in the discussion on the Trac ticket.
--
Source: https://make.wordpress.org/core/2025/02/17/wordpress-6-8-will-use-bcrypt-for-password-hashing/