[Mediawiki-l] salted hashed hashed passwords
Paul Sanderson
sandersonforensics at gmail.com
Wed Feb 8 17:45:06 UTC 2006
Hi
I am trying to create a program to automate the transfer of users from
an existing forum into my wiki.
As far as I can see I could get away with adding the following to the
users table
username
e-mail address
password (the list is password protected)
I ma not a php programmer so I thought ity might be easier to do this
in C++ and gave written the basic elements to do the above.
The problem comes when adding the password. As far as I can see
mediaWiki expects a salted hash of the hash of a password, the salt is
the userID. i.e. if I create a user who has a random password (say
123abc) and a userID of say 357 then I would do the following
Create a random password (123abc)
Hash it
prepend the user ID and a dash(-), so we would have, some thing like
357-abc343acde... etc.
We then hash this string again, giving the final hash
When I do this on a test case I do not get a matching hash - what am I
doing wrong?
More information about the MediaWiki-l
mailing list