The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
How does vBulletin encrypt passwords?
I'm mucking around with AJAX at the moment, and want to make a quick register tool. Only thing is, I don't know how vB encrypts passwords. I'm assuming it would be using MD5, but I don't know if salts are involved >_> Any light shed on this mystery would be helpful!
Thanks! |
#2
|
||||
|
||||
The password would be represented like this in MySQL:
PHP Code:
|
#3
|
|||
|
|||
Ah, thought there might be a salt involved... Trouble is, where is it defined?
|
#4
|
||||
|
||||
user table, salt column
|
#5
|
||||
|
||||
Each user has their own individual salt - This is created when they register and is stored in the user table in the database
Chris |
#6
|
|||
|
|||
Oh ok! So, if I first generate a random string (an equal length to the normal salt), apply it to the MD5 function, and then insert both the password and the generated salt into the database, will everything work ok?
|
#7
|
||||
|
||||
Client side you simply md5 it. Salting is applied server side. If you are replacing the vb registration routine the formula is
md5(md5(originalPasswordString) + salt) That's what is stored in the database, along with the salt. |
#8
|
|||
|
|||
Just use the DataManager to create the user. Salt will be created automatically.
|
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|