[thelist] md5 hashed password problem

Bob Meetin - 303-926-0167 - www.dottedi.biz bobm at dottedi.biz
Wed Aug 15 13:39:39 CDT 2007

Thank you so much- we have blast off.  I need to write up some steps to 
turn this into a conversion-type routine, but the result was that it 
woks to authenticate and grant access.  I think what i need to do is

1) set old password off for original members and authenticate,
2) capture the password that they entered to successfully authenticate,
3) convert to the new scheme, and
4) change them from flagged, historic to regular. 

Or something thereabouts. Unless I am missing something it seems that I 
should be able to add a password flag field to the members table and use 
an if/else to update this field. Sorry Hassan but this is not ugly and 
annoying to me, more like a life-saver as well as a learning 
experience!  I will let y'all know when I have this working.

Happy Bob

Hassan Schroeder wrote:

So, out of curiousity --  per-connection basis

>> I tried a quick experiment, and it appears that you /can/ set this on a
>> per-connection basis. So all you have to do is flag the moved-over
>> users as 'uses_old_passwords', and then when one of them logs in,
>> do a SET OLD_PASSWORDS="OFF" before the password comparison.

More information about the thelist mailing list