[TYPO3-english] Passwords in sha-512

Jan Bednarik info at bednarik.org
Sat Mar 30 16:29:19 CET 2013


thanks for answer. The thing is that the database doesn't come from 
TYPO3. I rewriting a web that had it's own CMS to TYPO3, so the only 
thing I have are sha-512 passwords.

Looking at the saltedpasswords, I could overload compareUident method 
with my own implementation that would use sha-512.


Dne 30.3.2013 13:28, Jigal van Hemert napsal(a):
> Hi,
> On 29-3-2013 23:32, Jan Bednarik wrote:
>> I need to import database of users and their passwords are hashed using
>> sha-512. I was wondering whether it's possible to configure
>> rsaauth/saltedpasswords extension to use this alghoritm. Or any other
>> extension for such use?
> You can extend the saltedpasswords extension with your own saltMethod.
> There is one feature you can use to help these users get properly salted
> hashes for their passwords. Passwords prefixed with C$ or M$ are salted
> hashes of the old clear text password with lower hash looping count from
> t3sec_saltedpw (C) or MD5-hashes (M).
> These passwords are validated with the old method and updated to a new
> salted password during login of the user.
> You can use this method with your own saltMethod. Validate the password
> which needs to be updated with your old sha-512 method and update it to
> a salted password with the method you prefer. You can copy one of the
> saltMethods from the saltedpasswords sysext as inspiration.

More information about the TYPO3-english mailing list