[TYPO3-english] Passwords in sha-512
Jigal van Hemert
jigal.van.hemert at typo3.org
Sat Mar 30 13:28:38 CET 2013
Hi,
On 29-3-2013 23:32, Jan Bednarik wrote:
> I need to import database of users and their passwords are hashed using
> sha-512. I was wondering whether it's possible to configure
> rsaauth/saltedpasswords extension to use this alghoritm. Or any other
> extension for such use?
You can extend the saltedpasswords extension with your own saltMethod.
There is one feature you can use to help these users get properly salted
hashes for their passwords. Passwords prefixed with C$ or M$ are salted
hashes of the old clear text password with lower hash looping count from
t3sec_saltedpw (C) or MD5-hashes (M).
These passwords are validated with the old method and updated to a new
salted password during login of the user.
You can use this method with your own saltMethod. Validate the password
which needs to be updated with your old sha-512 method and update it to
a salted password with the method you prefer. You can copy one of the
saltMethods from the saltedpasswords sysext as inspiration.
--
Jigal van Hemert
TYPO3 CMS Core Team member
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-english
mailing list