Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

How to add a custom password hashing method?

edited March 2012 in Vanilla 2.0 - 2.8

It's me again with yet more questions.....

How do I go about adding a new (custom) user password hashing method without modifying the framework?

I want to add a very simple new hasing method called "fl" which would simply take md5 of raw password.

I tried adding a new "case" statement to "library/core/class.passwordhash.php" as well as setting appropriate hashing method name in gdn_user HashMethod field. Didn't work. When I try to login the javascript just hangs, only return error if I enter non-existing user name.

Tagged:

Best Answer

  • ToddTodd Chief Product Officer Vanilla Staff
    Answer ✓

    This isn't something we currently support without modifying the code. If you want a straight md5 hash I just recommend you use the django hash method. You need to augment your password hashes a little bit.

    Let's say your md5 is something like 289111d9eac1a9aa35f4f63dc7b68a0a. Just prefix that with md5$$ which would give you md5$$289111d9eac1a9aa35f4f63dc7b68a0a.

Answers

  • ToddTodd Chief Product Officer Vanilla Staff
    Answer ✓

    This isn't something we currently support without modifying the code. If you want a straight md5 hash I just recommend you use the django hash method. You need to augment your password hashes a little bit.

    Let's say your md5 is something like 289111d9eac1a9aa35f4f63dc7b68a0a. Just prefix that with md5$$ which would give you md5$$289111d9eac1a9aa35f4f63dc7b68a0a.

  • Your django solution worked! Thanks a lot!

Sign In or Register to comment.