Chance password hash from bcrypt to salted_md5

Discussion forum for Extension Writers regarding Extension Development.
Post Reply
marc60
Registered User
Posts: 28
Joined: Thu Mar 21, 2013 2:20 pm

Chance password hash from bcrypt to salted_md5

Post by marc60 » Wed Aug 03, 2016 9:24 am

Hi,

for some reasons I have to use the salted_md5 method in 3.1.9 . I know, in 3.1 bcrypt is the default method because Its a bit safer (brute force). But for me its very important to change this to salted_md5 (3.0 default).

Is it possible to change the default method to salted_md5 instead of bcrypt. I searched already in the manager.php but couldnt find it.

Thank you very much.

best regards
Last edited by Mick on Wed Aug 03, 2016 9:51 am, edited 1 time in total.
Reason: Moved from [3.1] support

User avatar
kasimi
Extension Customisations
Extension Customisations
Posts: 3717
Joined: Sat Sep 10, 2011 7:12 pm
Location: Germany
Contact:

Re: Chance password hash from bcrypt to salted_md5

Post by kasimi » Wed Aug 03, 2016 10:10 am

Have a look at /config/parameters.yml :)

marc60
Registered User
Posts: 28
Joined: Thu Mar 21, 2013 2:20 pm

Re: Chance password hash from bcrypt to salted_md5

Post by marc60 » Wed Aug 03, 2016 11:04 am

Hi,

thank you very much for your quick reply.

I changed parameters.yml

from:

Code: Select all

    # List of default password driver types
    passwords.algorithms:
        - passwords.driver.bcrypt_2y
        - passwords.driver.bcrypt
        - passwords.driver.salted_md5
        - passwords.driver.phpass
to

Code: Select all

    # List of default password driver types
    passwords.algorithms:
        - passwords.driver.salted_md5
        - passwords.driver.phpass
But when I register a new user the bcrypt_2y is still active. I can see it in the DB, the password begins with $2y. How is it possible to switch to salted_md5?

EDIT:

Ok, fixed! After the cache is cleared it works like a charm.

Thank you very much :)

Post Reply

Return to “Extension Writers Discussion”