Caution
WP Password Argon Two has been abandoned. Hence, WP Password Argon Two Env as well.
If you want to maintain a fork of WP Password Argon Two, read this blog post (Wayback Machine snaptshot). Otherwise, use roots/wp-password-bcrypt.
Convert environment variables to WP Password Argon Two required constants.
- Goal
- Installation
- Usage
- Frequently Asked Questions
- Support!
- Developing
- Feedback
- Change Log
- Security
- Credits
- License
Defining WP Password Argon Two required constants in application code violates 12-factor principle.
This package allows you configure WP Password Argon Two with environment variables.
➜ composer require typisttech/wp-password-argon-two-env
In wp-config.php
or Bedrock's config/application.php
:
TypistTech\WPPasswordArgonTwo\Env\Converter::run();
On your server, define these environment variables:
WP_PASSWORD_ARGON_TWO_PEPPER
WP_PASSWORD_ARGON_TWO_OPTION_MEMORY_COST
WP_PASSWORD_ARGON_TWO_OPTION_TIME_COST
WP_PASSWORD_ARGON_TWO_OPTION_THREADS
WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_<integer>
Only WP_PASSWORD_ARGON_TWO_PEPPER
is required. Others are optional.
Fallback peppers must start with 1
and consecutive. For example:
WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_1
WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_2
WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_3
Trellis users could add environment variables under wordpress_sites
:
# group_vars/<env>/vault.yml
vault_wordpress_sites:
example.com:
env:
wp_password_argon_two_pepper: 'your_long_and_random_pepper'
wp_password_argon_two_fallback_pepper_1: 'your_second_oldest_pepper'
wp_password_argon_two_fallback_pepper_2: 'your_oldest_pepper'
# group_vars/<env>/wordpress_sites.yml
wordpress_sites:
example.com:
env:
wp_password_argon_two_option_memory_cost: 131072 # 128 Mb
wp_password_argon_two_option_time_cost: 4
wp_password_argon_two_option_threads: 3
Encrypting vault.yml
files is important! Learn more on Trellis docs.
Because... pepper should not be empty.
WP_PASSWORD_ARGON_TWO_PEPPER
environment variable isn't defined properly.
No.
- Articles on Typist Tech's blog
- Tang Rufus' WordPress plugins on wp.org
- More projects on Typist Tech's GitHub profile
- Stay tuned on Typist Tech's newsletter
- Follow Tang Rufus' Twitter account
Love WP Password Argon Two Env? Help me maintain it, a donation here can help with it.
Ready to take freelance WordPress jobs. Contact me via the contact form here or, via email info@typist.tech
Contact: Tang Rufus
To set up a developer workable version you should run these commands:
$ composer create-project --keep-vcs --no-install typisttech/wp-password-argon-two-env:dev-master
$ cd wp-password-argon-two-env
$ composer install
Please provide feedback! We want to make this library useful in as many projects as possible. Please submit an issue and point out what you do and don't like, or fork the project and make suggestions. No issue is too small.
If you discover any security related issues, please email wp-password-argon-two-env@typist.tech instead of using the issue tracker.
WP Password Argon Two Env is a Typist Tech project and maintained by Tang Rufus, freelance developer for hire.
Full list of contributors can be found here.
The MIT License (MIT). Please see License File for more information.