This is actually incorrect.

It's using Phpass by Solar Designer, which is not the same thing as merely "using MD5". Typically, I reserve that choice of words for constructions like this:

<pre><code>$hash = md5($password);
$hash = md5($password . $salt);
// etc
</code></pre>
This MD5 code is still bad. They really should migrate to just using password_hash() and password_verify(), but they won't. They're committed to supporting PHP 5.2.x forever (or at least until every shared host in existence stops supporting 5.2, which is effectively forever).

https://github.com/WordPress/WordPress/blob/6edbcc88ff5ba0acaba8a8e1d2490ed64ff33b63/wp-includes/class-phpass.php#L225-L239

Note that, on newer versions of PHP, bcrypt will be used instead of the method linked by this HN submission.
We wrote a plugin for this a while ago that uses crypt(3) with 5000 rounds of SHA-256 and a 96-bit salt – it's the safest method I found that fit within WordPress' password hash column without altering it, even if I'd have preferred scrypt (argon2 wasn't out yet).

I guess we should open source it after all.
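The following PHP is an added example, not WordPress code and not the plugin the second comment describes. It ties both comments together: it builds the sha256-crypt format the second comment mentions (crypt(3), 5000 rounds, a 96-bit salt), verifies it, and shows the login-time upgrade to password_hash()/password_verify() that the first comment says WordPress should be doing. The function names, the "correct horse" plaintext and the three demo rows are constructed for the example; it assumes PHP 7.2 or later (random_bytes, hash_equals, bcrypt as PASSWORD_DEFAULT) and a crypt() with SHA-256 support.

```php
<?php
// Added example, not WordPress code and not the plugin from the second comment.
// Assumes PHP 7.2+ (random_bytes, hash_equals, password_* with bcrypt as
// PASSWORD_DEFAULT) and a crypt() build with SHA-256 support.

// Produce "$5$rounds=5000$<16 chars>$<43 chars>", i.e. sha256-crypt with a
// 96-bit salt: 12 random bytes base64-encode to exactly 16 characters, and
// swapping '+' for '.' keeps them all inside crypt(3)'s ./0-9A-Za-z alphabet.
function sha256_crypt_hash(string $password, int $rounds = 5000): string
{
    $salt    = strtr(base64_encode(random_bytes(12)), '+', '.');
    $setting = '$5$rounds=' . $rounds . '$' . $salt . '$';
    $hash    = crypt($password, $setting);
    // crypt() reports an unsupported setting with a short "*0"/"*1" string.
    if (strlen($hash) < 13) {
        throw new RuntimeException('crypt() rejected the SHA-256 setting string');
    }
    return $hash;
}

// Passing the stored hash back in as the setting makes crypt() reuse its
// rounds and salt; the comparison must be constant-time.
function sha256_crypt_verify(string $password, string $stored): bool
{
    return hash_equals($stored, crypt($password, $stored));
}

// Login check that accepts the three formats discussed in the thread and,
// on success, rewrites the row to password_hash() output (bcrypt, "$2y$").
// $stored is passed by reference so the caller can persist the upgraded value.
function login_and_upgrade(string $password, string &$stored): bool
{
    if (strncmp($stored, '$2y$', 4) === 0) {
        $ok = password_verify($password, $stored);
    } elseif (strncmp($stored, '$5$', 3) === 0) {
        $ok = sha256_crypt_verify($password, $stored);
    } elseif (preg_match('/^[0-9a-f]{32}$/', $stored) === 1) {
        // Unsalted md5($password): the construction the first comment calls
        // "merely using MD5". Accepted only so legacy rows can still log in.
        $ok = hash_equals($stored, md5($password));
    } else {
        return false; // unknown format: fail closed
    }

    // Rehashing needs the plaintext, so a successful login is the only
    // place it can happen; bcrypt rows are refreshed only if the cost changed.
    if ($ok && (strncmp($stored, '$2y$', 4) !== 0
                || password_needs_rehash($stored, PASSWORD_DEFAULT))) {
        $stored = password_hash($password, PASSWORD_DEFAULT);
    }
    return $ok;
}

// Constructed demo rows (hypothetical users, same plaintext for all three).
$rows = [
    'md5'    => md5('correct horse'),
    'sha256' => sha256_crypt_hash('correct horse'),
    'bcrypt' => password_hash('correct horse', PASSWORD_DEFAULT),
];
foreach ($rows as $label => $stored) {
    $before = substr($stored, 0, 14);
    $ok     = login_and_upgrade('correct horse', $stored);
    printf("%-6s ok=%-5s %s... -> %s...\n",
        $label, var_export($ok, true), $before, substr($stored, 0, 7));
}
// A wrong password against the sha256-crypt row must fail and must not rehash.
var_dump(login_and_upgrade('wrong password', $rows['sha256']));
```

The md5 and sha256-crypt rows both come back as "$2y$..." after a correct login, while the bcrypt row is left alone because password_needs_rehash() sees the current default cost. Verification of the sha256-crypt row works by feeding the stored string back to crypt() as the setting, which is the same trick WordPress's phpass check relies on for its own "$P$" format.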