Hey William,

I just rechecked it again on D6, works fine.
MD5 has a property that when a hash is generated, it will always yield the same hash for a particular word / password

The case you are talking of can be in D7, please confirm if it is drupal 6 of drupal 7

On Wed, Mar 16, 2011 at 10:14 AM, prothero <prothero@geol.ucsb.edu> wrote:
Tnx. But, when I use md5("myPassword"), I don't get the same result that is shown in Drupal's users table (the 'pass' field) for that user. There must be something else.
Bill

William A. Prothero

http://earthednet.org/

On Mar 15, 2011, at 8:46 PM, Vaibhav Jain wrote:

Hello,

The password in Drupal is generated via MD5 function which is a default in PHP.
Apart from the password, there is nothing that gets added to the password.
You can check function user_save in user module, which directly sends the value in md5 format, that will provide you some more clarity.

I think you are talking of a SALT value that gets added, but this is not the case in drupal 6, as it is using MD5
However, in Drupal 7, SALT is used and MD5 is not followed to save the passwords.

On Wed, Mar 16, 2011 at 5:09 AM, prothero <prothero@geol.ucsb.edu> wrote:
I am going to manipulate the Drupal users table externally. I know that the password in Drupal 6 is generated as an md5 hash, but I'm wondering what the input to the md5 function is. Obviously, it includes the password, but what else?
Tnx,
Bill


William A. Prothero


--
[ Drupal support list | http://lists.drupal.org/ ]



--
Regards,
Vaibhav Jain
--
[ Drupal support list | http://lists.drupal.org/ ]


--
[ Drupal support list | http://lists.drupal.org/ ]



--
Regards,
Vaibhav Jain