[support] How does Drupal generate the stored password
Vaibhav Jain
in.vaibhavjain at gmail.com
Wed Mar 16 03:46:29 UTC 2011
Hello,
The password in Drupal is generated via MD5 function which is a default in
PHP.
Apart from the password, there is nothing that gets added to the password.
You can check function user_save in user module, which directly sends the
value in md5 format, that will provide you some more clarity.
I think you are talking of a SALT value that gets added, but this is not the
case in drupal 6, as it is using MD5
However, in Drupal 7, SALT is used and MD5 is not followed to save the
passwords.
On Wed, Mar 16, 2011 at 5:09 AM, prothero <prothero at geol.ucsb.edu> wrote:
> I am going to manipulate the Drupal users table externally. I know that the
> password in Drupal 6 is generated as an md5 hash, but I'm wondering what the
> input to the md5 function is. Obviously, it includes the password, but what
> else?
> Tnx,
> Bill
>
>
> William A. Prothero
>
> http://earthednet.org/
>
>
>
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
--
Regards,
Vaibhav Jain
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20110316/3d0bb3aa/attachment.html
More information about the support
mailing list