[TYPO3-english] migration from old fe_users with md5 passwords to rsaauth and saltedpasswords
Bernhard Kraft
kraftb at think-open.at
Sat Mar 6 22:56:50 CET 2010
Ansgar B. wrote:
> In concrete situation I have old passwords stored as md5 hashes in DB
> and want to migrate to rsaauth and salted passwords.
>
> Are there any hook where I can
> 1. fetch the password
> 2. build a md5 hash
> 3. check it againt old password
> 4. build new password
> 5. write it to the database
The "saltedpasswords" extension should normally do exactly what you
described. You do not even have to move a finger.
You can't automate the process of migration to saltedpasswords, as you
do not know the cleartext passwords just by knowing the md5 hashes of
the passwords.
The saltedpasswords extension will compare submitted passwords during
login sessions, and fallback to md5 if the stored password is not a
salted one. When the password is correct it will automagically update
the password in the database with a salted version created from the
cleartext password submitted (probably transmitted rsa encrypted).
greets,
Bernhard
More information about the TYPO3-english
mailing list