You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@openmeetings.apache.org by aa...@gmail.com on 2018/09/21 14:31:23 UTC

user passwords in database

Since running OM I have had users register directly to OM and that was their
frontend to login.  I have now implemented a new front end CSM that requires
a login process; each user will use a created invitation link to access the
rooms inside OM (no more direct login to OM for users).  My question is.
Since all the user names and passwords are currently stored the local MYSQL
database is there a way to export and un-hash the passwords so I can
re-create the accounts in the CSM front end?  I was going to just create the
accounts and just have each user change their password, but was going to try
making this as seamless as possible.

 

Since I will now be using invitation links; we talked about it before (JIRA
- 1846) on needing a way to invalidate and endless invitation.  Currently
only way to remove an invitation is to manually go into the db and delete
the entry.  Is this something we can look at implementing in OM5.  Currently
I do not see the need that great for taking time to develop for the current
version, but maybe something that would be useful when moving forward.

Re: user passwords in database

Posted by Maxim Solodovnik <so...@gmail.com>.

Hello Aaron,

I believe it is impossible
Several versions ago crypto hashing was improved ....

OM-1846 will definitely be implemented (sooner or later)
Currently working on 5.0 :)
For Moodle plugin we are using one-time hashes, seems to work as expected ...
On Fri, 21 Sep 2018 at 21:31, <aa...@gmail.com> wrote:
>
> Since running OM I have had users register directly to OM and that was their frontend to login.  I have now implemented a new front end CSM that requires a login process; each user will use a created invitation link to access the rooms inside OM (no more direct login to OM for users).  My question is.  Since all the user names and passwords are currently stored the local MYSQL database is there a way to export and un-hash the passwords so I can re-create the accounts in the CSM front end?  I was going to just create the accounts and just have each user change their password, but was going to try making this as seamless as possible.
>
>
>
> Since I will now be using invitation links; we talked about it before (JIRA – 1846) on needing a way to invalidate and endless invitation.  Currently only way to remove an invitation is to manually go into the db and delete the entry.  Is this something we can look at implementing in OM5.  Currently I do not see the need that great for taking time to develop for the current version, but maybe something that would be useful when moving forward.



-- 
WBR
Maxim aka solomax