On Mon, 31 Mar 2003 09:24:03 +1000, Tim Starling <ts4294967296(a)hotmail.com> wrote:

>> Obviously we'd have to add a note explaining that everyone has to reset
>> their password. Not everyone has an e-mail address attached to their
>> account, so we'd need to add a web form for doing this. That obviously
>> would require first validating the person with their current password
>> with the current hashing code; so we'd probably need a marker to
>> indicate that each user's password field is upgraded.
>
> No-one will have to reset their password. I'll just use md5(md5(password)
> + salt) for the new hash. The only thing users will notice is that their
> stored cookies will stop working and they'll have to log in again.
I hope that wikipedia isn't currently storing raw passwords in the user
table. So the only way you could implement a resetless upgrade would be to
add a second password field.

If a user logs in with only the original password field set, you validate
against that and if okay, MD5 the password they entered and store it. After
about a year you remove the original password field (anyone who hasn't
logged in in that time deserves to have to do a password reset!). I used
this technique recently to upgrade from Unix CRYPT to MD5 for password
storage.
--
What difference does it make to the dead, the orphans and the homeless,
whether the mad destruction is wrought under the name of totalitarianism or
the holy name of liberty or democracy?
Richard Grevers
Christchurch, New Zealand
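Both migration paths raised in the thread, as an added example that is not code from the thread or from MediaWiki: Richard's two-column, rehash-on-login upgrade, and Tim's batch upgrade to md5(md5(password) + salt), which needs no login because the inner md5 is exactly the value already stored. It assumes the legacy column holds an unsalted hex MD5 of the password (implied by Tim's scheme, not stated outright); the `UserRow` type, column names and helper names are constructed for the example.

```python
import hashlib
import secrets
from dataclasses import dataclass
from hmac import compare_digest
from typing import Optional


def legacy_hash(password: str) -> str:
    """Assumed old scheme: bare, unsalted MD5 of the password (hex)."""
    return hashlib.md5(password.encode()).hexdigest()


def new_hash(password: str, salt: str) -> str:
    """Tim's proposed scheme: md5(md5(password) + salt)."""
    return hashlib.md5((legacy_hash(password) + salt).encode()).hexdigest()


@dataclass
class UserRow:
    """Constructed stand-in for a user table row with both password columns."""
    name: str
    old_password: Optional[str]           # legacy column, cleared once upgraded
    new_password: Optional[str] = None    # new column; being set marks upgraded
    salt: Optional[str] = None


def login(user: UserRow, attempt: str) -> bool:
    """Richard's path: verify against whichever column is populated and,
    on a successful legacy login, store the new form and clear the old."""
    if user.new_password is not None:
        return compare_digest(new_hash(attempt, user.salt), user.new_password)
    if user.old_password is None:
        return False                       # neither column set: reset required
    if not compare_digest(legacy_hash(attempt), user.old_password):
        return False
    user.salt = secrets.token_hex(8)       # constant-time compare above; fresh per-user salt here
    user.new_password = new_hash(attempt, user.salt)
    user.old_password = None
    return True


def upgrade_offline(user: UserRow, salt: Optional[str] = None) -> bool:
    """Tim's path: compute the new hash straight from the stored md5(password),
    so every row can be converted in one batch without any user logging in."""
    if user.old_password is None or user.new_password is not None:
        return False                       # nothing to upgrade, or already done
    user.salt = salt or secrets.token_hex(8)
    user.new_password = hashlib.md5((user.old_password + user.salt).encode()).hexdigest()
    user.old_password = None
    return True
```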