I'm trying to create a custom registration component for Joomla, and I was wondering if anyone knew how to create the correct password encryption for joomla? Joomla passwords look like this :
fbae378704687625a410223a61c66eb1:VM6DwmVWHTwpquDq51ZXjWWADCIc93MR
Which I believe are md5 (or something) and one way encryption? Am just looking for a php code of sorts to create that same encryption.
Cheers
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword("yourpassword", $salt);
$password = $crypt.':'.$salt;
After a bit more searching i found my answer, thanks guys for your help :)
EDIT: I forgot to mention that you need to include this line before calling JUserHelper:
jimport('joomla.user.helper');
From joomla Forum, that's what happen behind:
Example:
+1 for storing the hash of the password rather than storing the password itself.
To protect against precomputation attacks you should use a random salt. Additionaly it's probably a good idea to use a stronger hashing algorithm such as SHA-256 which I think is supported on PHP. See Secure hash and salt for PHP passwords for more information.
I don't know PHP, but most languages have a library that supports md5 and (and other hashing algorithms) PHP appears to also. I found this:
string md5 ( string $str [, bool $raw_output = false ] )
Calculates the MD5 hash of str using the » RSA Data Security, Inc. MD5 Message-Digest Algorithm, and returns that hash.
Here's an example:
<?php
$password = 'apple';
if (md5($password) === '1f3870be274f6c49b3e31a0c6728957f') {
echo "Password correct";
}
?>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With