[Mediawiki-l] extract user account from database
rosenthal3000 at googlemail.com
Sat Jan 9 14:50:48 UTC 2010
> I'd need to get the passwords either in md5 hash or in clear.
Storing the password in plain text or as an md5 hash is a security
risk. It is very easy to find a password collision (a password with
the same hash) once you got its hash.
> out the manual , password aren't stored as simple MD5 hash, an
> additional string is added. Is there a way I can convert them into
> regular hash of the password?
No, that's called security that not everyone who has access to the
database can see the user passwords. Therefore a salt is added. If you
don't know the password there shouldn't be any ways to get it.
More information about the MediaWiki-l