WordPress Password Encryption & Decryption Algorithm

WordPress is a most popular and familiar open source Content Management System(CMS). It uses the PHP password hashing framework to generate hashed strings using several available algorithms. WordPress doesn’t store user passwords as plain text, instead it will save the password as hash string (encrypted password). This make you to keep secure, even if your database is hacked, the attacker won’t know your original password.

WordPress will also adds a bit of salt to make the string much longer and more complex. Then, it applies a cryptographic algorithm to the final string to create a one-way hash. A specific plain text string will always generate the same hash. There is no way, however to convert a given hash back to its plain text equivalent. This is an one-way hashing technique that you can make the plain text to hash (encrypted text) but you can’t reverse it back by decrypting.

Read More