Salted Password Issue

  • Resolved jonah0037

    (@jonah0037)


    4 years, 9 months ago

    Hi,

    So as I was setting up the plugin, when I did MD5 for the password encryption and selected the salting used and whatnot, it asks to put the letters/numbers that were used when the password is salted, but how the passwords are salted is by using the current time when a user registered and using that time as the salt values. Any way around this, or would I have to change how the passwords are salted? The date and time is logged in a field in the database.

    • This topic was modified 4 years, 9 months ago by jonah0037.
    • This topic was modified 4 years, 9 months ago by jonah0037.
    • This topic was modified 4 years, 9 months ago by jonah0037.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author tbenyon

    (@tbenyon)

    Hey @jonah0037,

    Because this is a custom hashing solution some custom code is required to hook into the plugin flow.

    You can do this with the “exlog_hook_filter_authenticate_hash” hook. You can find documentation for its use in the FAQ.

    To help you out however, this is something like what you would want to add to your functions.php file:

    function myExlogHashAuthenticator($password, $hashFromDatabase, $username, $externalUserData) {
    $timeLoginStamp = $externalUserData['yourFieldNameHere']; 
    $computedHash = md5($timeLoginStamp . $password);
    return $computedHash == $hashFromDatabase;
}
add_filter('exlog_hook_filter_authenticate_hash', 'myExlogHashAuthenticator', 10, 4);

    This is just pseudo code to help you build a solution.

    If any of this doesn’t make sense, please get back to me and I’ll answer more questions ??

    Let me know how you get on!

    Thanks,

    Tom

    Plugin Author tbenyon

    (@tbenyon)

    Hey @jonah0037,

    Just checking in to see how you’re getting on ??

    Plugin Author tbenyon

    (@tbenyon)

    I haven’t heard back so I’m going to mark this as resolved.

    Happy to help if you have any further questions ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Salted Password Issue’ is closed to new replies.