hi there,
I have checked that the password field of the member table is using md5. How do i configue ee2 to use sha1 instead?
thank you
This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.
The active forums are here.
October 05, 2010 9:07pm
Subscribe [3]#1 / Oct 05, 2010 9:07pm
hi there,
I have checked that the password field of the member table is using md5. How do i configue ee2 to use sha1 instead?
thank you
#2 / Oct 06, 2010 10:24am
Did you import the users, or did you set EE initially to use MD5?
#3 / Oct 06, 2010 7:52pm
hi sue,
Yes iam importing members. I cant remember what was set and how it was set when i installed it. But i know that it is md5 encrypted and i just want to know a way that i can change it back to sha1. It is a simple config setting somewhere?
thanks
al
#4 / Oct 07, 2010 9:38am
You don’t need to do anything. Once they log in, EE will convert the MD5 password to SHA1 for you. Does that help?
#5 / Oct 07, 2010 11:35pm
Hi Sue,
Iam slightly confused as the passwords are stored in the db as md5. I dont see what you mean by autoconvert. I would have thought there is a setting to change so that for new users, their password would be stored as sha1 and for existing users, they would just have to reset…
al
#6 / Oct 08, 2010 8:11am
Once an existing user logs in, EE looks at the database, sees that the password is in MD5 format, converts it to SHA1 and changes it on the fly. If the user never logs in at least once, the password stays in MD5 format.
The conversion occurs in /system/expressionengine/controllers/cp/login.php around line 231.
Does that help?
#7 / Oct 08, 2010 7:22pm
ahh right! Now it totally makes sense.
thanks heaps Sue….
#8 / Oct 09, 2010 4:53pm
Hi Al,
Glad that Sue was able to help you with this. Please post back if required.
Cheers
Greg