FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum » How To » Password format
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
Password format [message #15623] Sun, 28 December 2003 00:12 Go to next message
beamdriver is currently offline  beamdriver   United States
Messages: 15
Registered: April 2003
Location: Long Island, NY
Karma: 0
Junior Member
How is the password hash generated? I'd like to use the users list for another portion of my site?

Thanks!
Re: Password format [message #15624 is a reply to message #15623] Sun, 28 December 2003 16:58 Go to previous messageGo to next message
firepages is currently offline  firepages   Australia
Messages: 24
Registered: July 2003
Karma: 0
Junior Member
using PHP's md5() function
see DATA_DIR/src/users_reg.inc.t

no salt used though .. perhaps this could/should be an admin config option?

[Updated on: Sun, 28 December 2003 16:59]

Report message to a moderator

Re: Password format [message #15625 is a reply to message #15624] Sun, 28 December 2003 18:56 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
Why would you need a salt? First of all md5 is much more secure then crypt() which you are thinking of and does not support/require a salt.

FUDforum Core Developer
Re: Password format [message #15626 is a reply to message #15623] Sun, 28 December 2003 18:57 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
beamdriver wrote on Sat, 27 December 2003 19:12

How is the password hash generated? I'd like to use the users list for another portion of my site?

Thanks!


The password is md5 of the user's original password.


FUDforum Core Developer
Re: Password format [message #15627 is a reply to message #15625] Sun, 28 December 2003 19:15 Go to previous messageGo to next message
firepages is currently offline  firepages   Australia
Messages: 24
Registered: July 2003
Karma: 0
Junior Member
Ilia wrote on Sun, 28 December 2003 13:56

Why would you need a salt? First of all md5 is much more secure then crypt() which you are thinking of and does not support/require a salt.



I did mean md5() , e.g. I meant salt the supplied plaintext password ... but yes its pointless anyway in this case , guess I need sleep ....

but I got the answer right at least Very Happy
Re: Password format [message #15629 is a reply to message #15623] Sun, 28 December 2003 21:43 Go to previous message
beamdriver is currently offline  beamdriver   United States
Messages: 15
Registered: April 2003
Location: Long Island, NY
Karma: 0
Junior Member
Thanks!
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: Unlike files not working
Next Topic: RSS Restrictions
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Nov 29 19:21:09 GMT 2024

Total time taken to generate the page: 0.02237 seconds