Community mailing list archives

Re: Migrate encrypted user passwords from v6 to v9

Holger Brunn
- 11/07/2016 17:42:25
> What is the proper way to migrate passwords from v6 to v9 ? looks a 
lot like it generates hashes that passlib used in
blob/9.0/addons/auth_crypt/ might just understand. Did you 
ever try to simply move the password column to password_crypt? This might just 
work. I even think I remember to have done exactly that:

[The rest is quite academic, because the above is your solution. But given I 
wrote this text already, I won't delete it] If not, you'll have to take the 
hash apart (separate magic and salt from the hash, split by the dollar sign) 
and craft one passlib understands. If this is not possible (which I doubt), 
you'd have to keep the old hashes in some separate column, and for every login 
check if there exists an old hash, verify it with the v6 code, and write a new 
hash v9 style. Don't forget to clear out the old hash column then.
But still, my guess would be that renaming the column suffices.

Therp - Maatwerk in open ontwikkeling

Holger Brunn - Ontwerp en implementatie