Password Encryption / Hashing

Brought to you by: canajun2eh, yalnifj

#429 Password Encryption / Hashing

Milestone: phpGedView

Status: open

Owner: nobody

Labels: It would be COOL if it did... (440)

Priority: 5

Updated: 2005-05-15

Created: 2005-05-15

Creator: Laie Techie

Private: No

This is an attempt to make phpGedView easier to
integrate with a CMS.

Would it be possible for the admin to specify how the
password is stored? I suggest plaintext, crypt, or
md5. Of course other algorithms could be added.

Currently the login API passes in the password in
plaintext, so it shouldn't matter. However, your
documentation dictates that the password (as returned
by getUser) be hashed with crypt. Could we not just
add a key/value pair to specify the algorithm (and
another one to indicate the salt or key if it is needed
for that algorithm)?

Discussion

Laie Techie - 2005-05-31

Logged In: YES
user_id=1278885

Related to this, could $newuser['password'] passed to
addUser be in plain text so that other CMS could do their
own hashing / encryption?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Password Encryption / Hashing

Group

Searches

Help

#429 Password Encryption / Hashing

Discussion