Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

Only use MD5

Hello there,

my question is, if there is a possible way that Vanilla only use MD5? I knew it is not so safe, but my forum account's should be connected with much online games and they only can md5 mostly..

Sry for my bad english :P

thanks..

Comments

  • Options

    you can do it for imported users, but it will default to Vanilla for new user, or when they change their password.

    This is not how you do authentication with other services anyway, passing passwords around.

    You can't treat two sessions as the same, or you will get a mix up. You need a SSO solution.

    grep is your friend.

  • Options
    LincLinc Detroit Admin

    Yes, look at jsConnect for a single sign-on solution. It's far easier than directly copying passwords anyway.

    Also, if you know MD5 isn't secure, compatibility is no excuse for using it.

Sign In or Register to comment.