Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

md5 hash to passwords vanilla

edited April 2009 in Vanilla 1.0 Help
how to change md5 hash to password from db vanilla

db vanilla:

both are not same, how can I convert with this hash?


  • edited December 2008
    You can't you need the real password. Vanilla is using phpass to create (and check against) the new hash. We have extended it (PeoplePasswordHash) so that can also use md5 hash to check the password (and create a new hash if a md5 hash is used):
  • forget it, I use addon Md5authenticator
    do you know about Md5authenticator?
  • I guess that was a test password because "blablabla" is easily crackable :)
  • edited December 2008
    MD5 should not be used for passwords. It is very easy to crack, as SubJunk pointed out above.

    Case in point:
  • thanks for your helpful.
    can someone write a example source?
    that is important for me, I need a example source from phpbb to vanilla of member list..
    phpbbb uses md5, I know that is bad. how can I convert to passwords vanilla? someone better idea?
  • The password are converted when the users log-in. It can use md5 password.
  • Might be worth just forcing all users to reset their password on the new system? Kind of the brute force way to deal with it
  • good idea about reset password...
    you mean I can use with md5, this will convert automatic to phpass?
  • Vanilla will recognize both MD5 and PHPass in its database. When a user logs in to Vanilla and authenticates to an MD5 hash of their password, it is converted on-the-fly to PHPass and then saved back to the database. The MD5 hash is destroyed during this action, seemlessly securing any user account that logs in.
  • thank for your tipp, you mean this will automatic convert, if I put md5 hash in db of vanilla Or I should code a convert from md5 to phpass? kelvin
  • You can't convert them yourself without knowing their password. " is converted on-the-fly to PHPass and then saved back to the database." # 10
  • sorry, I didnt read. yeah on-the-fly easy nice..thanks for support
  • Is there a way to set the type of hash when passwords that are changed? By default it uses the phpass but I need it to be md5.
  • See this discussion:
  • How do I translate this to alphanumeric?

  • @Bentot, MD5 is alphanumeric. alphanumeric = Letters & Numbers

    The secret to that MD5 though is "blablabla"
Sign In or Register to comment.