DefaultSettings: fix "advanced example" for $wgPasswordConfig

Follows-up 95a8974c6.

The version of EncryptedPassword that was merged doesn't use mcrypt, but
rather OpenSSL. Also, show one way of specifying the key, and remove the
"cost" option, which would instead need to be specified for the underlying
type ("bcrypt").

Change-Id: Idaaca765835656113c8f0f1e83cc7e5a2a922fa2

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 02cbc2f..70c4d01 100644 (file)
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -4731,10 +4731,10 @@ $wgPasswordDefault = 'pbkdf2';
  * $wgPasswordConfig['bcrypt-peppered'] = [
  *     'class' => EncryptedPassword::class,
  *     'underlying' => 'bcrypt',
- *     'secrets' => [],
- *     'cipher' => MCRYPT_RIJNDAEL_256,
- *     'mode' => MCRYPT_MODE_CBC,
- *     'cost' => 5,
+ *     'secrets' => [
+ *         hash( 'sha256', 'secret', true ),
+ *     ],
+ *     'cipher' => 'aes-256-cbc',
  * ];
  * @endcode
  *