[Mediawiki-l] encryption of paasword

Lane, Ryan Ryan.Lane at ocean.navo.navy.mil
Mon Jan 14 14:33:34 UTC 2008


> Im 99% sure it is just md5.
> You cant undo md5 though, just not how it would works.
> 
> But you would just say is md5('mypassword') = to the password stored  
> in the database.

I'm almost positive that MediaWiki uses a non-standard md5 hash in the
database.

Why not just use the already available functions to add users? Notice
that all auto-authentication plugins do this. Take a look at
LdapAuthentication, SSLAuthentication, ShibbolethAuthentication, or any
other well maintained auto-authentication plugins you can find to see
how to reliably do this.

V/r,

Ryan Lane



More information about the MediaWiki-l mailing list