From 76af645e3295a92842eec6d1505b0d751812680e Mon Sep 17 00:00:00 2001
From: Johan Vlaar <johan@adivare.nl>
Date: Tue, 11 Feb 2025 12:21:57 +0100
Subject: [PATCH] [symfony/security-bundle] set default algorithm to plaintext

---
 .../6.4/config/packages/security.yaml               | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/symfony/security-bundle/6.4/config/packages/security.yaml b/symfony/security-bundle/6.4/config/packages/security.yaml
index 367af25a5..b048feca6 100644
--- a/symfony/security-bundle/6.4/config/packages/security.yaml
+++ b/symfony/security-bundle/6.4/config/packages/security.yaml
@@ -30,10 +30,11 @@ when@test:
         password_hashers:
             # By default, password hashers are resource intensive and take time. This is
             # important to generate secure password hashes. In tests however, secure hashes
-            # are not important, waste resources and increase test times. The following
-            # reduces the work factor to the lowest possible values.
+            # are not important, waste resources and increase test times.
             Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
-                algorithm: auto
-                cost: 4 # Lowest possible value for bcrypt
-                time_cost: 3 # Lowest possible value for argon
-                memory_cost: 10 # Lowest possible value for argon
+                algorithm: plaintext # disable hashing all together
+                # You can also use the following configuration to use the lowest possible values for bcrypt and argon:
+                # algorithm: auto
+                # cost: 4 # Lowest possible value for bcrypt
+                # time_cost: 3 # Lowest possible value for argon
+                # memory_cost: 10 # Lowest possible value for argon