Questions about the encryption method

Hi @sermadnajar20,
Thanks for raising these questions.

So i basically install this plugin on a site, and it will change the Databse encryption method from MD5 to Argon2?

It is only for the WordPress user passwords. It does not encrypt the database entirely. The passwords are hashed, rather than encryption. Encryption implies they can be decrypted with the/a key. Hashing means it’s a one-way operation.

Because in my studies we figures it was pretty simple to decrypt a string, /password through online tables. But argon2 was not as simple.

Splitting hairs, I wouldn’t call it simple, because even the standard WordPress MD5 hashing is repeated several times to slow it down, and it uses a random value too, which makes online tables useless. But it’s computationally simpler compared to what it was 10-15 years ago. That’s why we have this plugin, to use a more computationally intensive algorithm.

So does the plugin truly secure the database?
And also, does the plugin get regular updates, or is that not even important? just want to make sure it works with current instalment of the WordPress version.

Like I said on the first quote, this plugin does one thing and does it well – switching the MD5-based password hashing to Argon2/Bcrypt. The entire database is not encrypted. To encrypt an entire database, look for database server-level encryption that you can apply for fields, tables, or even to the whole database.

Hope that answers the questions. feel free to ask if you like more clarification.

Cheers.

Thanks a lot for the quick response.
Do you know of any plugins that secure the whole database without breaking it?