From bc0f81d34099f8ba4fb4f0d1d260c1e39d80976e Mon Sep 17 00:00:00 2001
From: David Grudl <david@grudl.com>
Date: Sun, 1 Jul 2018 22:32:55 +0200
Subject: [PATCH] Passwords: BCRYPT changed to default algorithm

---
 src/Security/Passwords.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Security/Passwords.php b/src/Security/Passwords.php
index ac11c43b..8b6978ed 100644
--- a/src/Security/Passwords.php
+++ b/src/Security/Passwords.php
@@ -28,7 +28,7 @@ public static function hash(string $password, array $options = []): string
 			throw new Nette\InvalidArgumentException("Cost must be in range 4-31, $options[cost] given.");
 		}
 
-		$hash = password_hash($password, PASSWORD_BCRYPT, $options);
+		$hash = password_hash($password, PASSWORD_DEFAULT, $options);
 		if ($hash === false || strlen($hash) < 60) {
 			throw new Nette\InvalidStateException('Hash computed by password_hash is invalid.');
 		}
@@ -50,6 +50,6 @@ public static function verify(string $password, string $hash): bool
 	 */
 	public static function needsRehash(string $hash, array $options = []): bool
 	{
-		return password_needs_rehash($hash, PASSWORD_BCRYPT, $options);
+		return password_needs_rehash($hash, PASSWORD_DEFAULT, $options);
 	}
 }