I have a custom list of users that i need to import and will just bang them into the user table, however i see its using some weird looking hashing, where can i see exactly in the code where these are generated so i can adapt.
Md5 isnt it
I've noticed in the table there is a HashMethod and this by default looks to be 'Vanilla', im just trying to work out where this can be set, and what valid alternatives are.
The hash method more or less uses phppass which is pretty much the strongest, most secure hash you can use.
However, if you put plain text passwords in as hash method Vanilla then users can sign in and their methods will be converted upon first sign in.
You can also use the following hash methods found in /library/core/class.passwordhash.php:
If you have something sort of custom that uses a hash with or without a salt then I recommend using django. It's quite flexible. Passwords in django have the following format:
The algorithm then just does the following to check the password:
algorithm($salt.$password) == $hash