Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-20365

Salted Crypt passwords option for external database authentication

XMLWordPrintable

    • MOODLE_19_STABLE, MOODLE_27_STABLE
    • MOODLE_29_STABLE
    • MDL-20365_auth_db_salted_passwords
    • Easy
    • Hide
      • Set up a database for authentication as per the standard usage of this module.
      • Ensure the password field allows at least 62 characters.
      • Set Site Administration > Plugins > Administration > External Database > * Password format to "salted crypt()"
      • Update the password field for a user with a command such as:
        UPDATE user SET passwd=ENCRYPT('12345','$5$hdus85k$');
      • Try to log in with an incorrect password and ensure it doesn't work.
      • Log in using the user name and the password set above. (12345 in the example). Ensure it works.
      Show
      Set up a database for authentication as per the standard usage of this module. Ensure the password field allows at least 62 characters. Set Site Administration > Plugins > Administration > External Database > * Password format to "salted crypt()" Update the password field for a user with a command such as: UPDATE user SET passwd=ENCRYPT('12345','$5$hdus85k$'); Try to log in with an incorrect password and ensure it doesn't work. Log in using the user name and the password set above. (12345 in the example). Ensure it works.

      This patch adds an option to use Salted Crypt passwords for the password format with external database authentication. Unix passwords are often encrypted with salt characters. The salt characters become part of the encrypted password. To test a new plain password to see if it's valid, you must encrypt the new password it with the same salt characters as the old password, then compare the result.. Salted Crypt passwords happened to be used in the database of the system I needed to authenticate against. Hence this patch.

        1. patch.2.x.txt
          4 kB
        2. patch.txt
          4 kB

            raymor Ray Morris
            ruzam Scott
            David Monllaó David Monllaó
            Sam Hemelryk Sam Hemelryk
            Adrian Greeve Adrian Greeve
            Votes:
            3 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.