Thread

Hi

I was hoping you could explain or clarify some of the fields in the exp_members table and how they are treated.

1. Password: When a user is registered their password is stored as MD5. When they login the first time this is updated to SHA1 and a SALT is added. Is this SHA1 a hash of their original password or of the MD5 hash?

2. SALT: When a user is first registered the SALT field is empty. When they login the first time this field is populated. Is this a random 128bit salt or a SALT of their password?

3. unique_id: Is this just a random 40 character string?

4. crypt_key:  Is this just a random 40 character string?

Thanks for your help.

It’d be great if someone could come back to me on this.

Thanks

Hey Bluebloc,

Sorry you felt like you had to wait too long for an answer. We do aim to have a response to everyone here within 2 business days. Since this question warrants a fairly technical answer, I’m going to have one of my engineers hop in with a good answer. Hang tight for me, and we’ll get you a good answer today!

Hi Kevin

There’s no need to worry about it.

I found out the answers I needed wqithout having to wait for your reply! 😊

Thanks

Oh, glad to hear you found the info you needed, Bluebloc. Anything else I can help with?