First, let me say i hope this is the right list!
well.. I forgot my password for sysop so I created a new md5 based off a new password and entered the md5 value into user_password in the user table on the wiki mysql database, but attempting to login still yeilds invalid password.. anybody have any thoughts on how to enter a new md5 and have it work? did i miss some sort of has / calculation done to the initial plaintext password?
Many thanks! -Export
Export TheGeek wrote:
well.. I forgot my password for sysop so I created a new md5 based off a new password and entered the md5 value into user_password in the user table on the wiki mysql database, but attempting to login still yeilds invalid password.. anybody have any thoughts on how to enter a new md5 and have it work? did i miss some sort of has / calculation done to the initial plaintext password?
/** * Salt a password. * Will only be salted if $wgPasswordSalt is true * @param string Password. * @return string Salted password or clear password. */ function addSalt( $p ) { global $wgPasswordSalt; if($wgPasswordSalt) return md5( "{$this->mId}-{$p}" ); else return $p; }
/** * Encrypt a password. * It can eventuall salt a password @see User::addSalt() * @param string $p clear Password. * @param string Encrypted password. */ function encryptPassword( $p ) { return $this->addSalt( md5( $p ) ); }
-- brion vibber (brion @ pobox.com)
Another method w/o touching the code:
Using MySQL or mysqlcc:
1. Insert a valid e-mail address into your entry in table user 2. mail you a temporary password 3. log-in with this 4. set a new password
Brion Vibber schrieb:
Export TheGeek wrote:
well.. I forgot my password for sysop so I created a new md5 based off a new password and entered the md5 value into user_password in the user table on the wiki mysql database, but attempting to login still yeilds invalid password.. anybody have any thoughts on how to enter a new md5 and have it work? did i miss some sort of has / calculation done to the initial plaintext password?
http://en.wikipedia.org/wiki/Salt_(cryptography)
-- Zigger
On Sat, 05 Mar 2005 10:44:05 +0100, Thomas Gries wrote:
Can someone explain shortly, what the purpose of password salting, or where I can read about it. ...
Export TheGeek wrote:
First, let me say i hope this is the right list!
well.. I forgot my password for sysop so I created a new md5 based off a new password and entered the md5 value into user_password in the user table on the wiki mysql database, but attempting to login still yeilds invalid password.. anybody have any thoughts on how to enter a new md5 and have it work? did i miss some sort of has / calculation done to the initial plaintext password?
Solution 1 (worked for me, without a md5hash-generator). The "salt" Brion wrote about is determined by the user's ID. So create another local installation of the mediawiki software. You can then use SQL to copy the password hash from one installation to the user with the same ID on the other installation.
Solution 2 (should work for you). You can alternatively simulate the "salting" process by hashing your new password, adding the user ID and a "-", to get a string "ID-md5hash" and hash that again. This last hast is the value you need to enter in user_password.
Christian de:Benutzer:SirJective
wikitech-l@lists.wikimedia.org