You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ofbiz.apache.org by Michael Brohl <mi...@ecomify.de> on 2018/08/17 12:10:33 UTC

Password hashing algorithm changed?

Hi devs,

I just noticed that we seem to have a password hashing change in trunk, 
see example:

Old has for a password: |{SHA}47b56994cbc2b6d10...|
New hash for the same password: |$SHA$.VskyitfRUpf$oXN....|

Can someone point me to the discussion and/or Jira/commit for further 
informations?

Thanks,

Michael

Re: Password hashing algorithm changed?

Posted by Jacques Le Roux <ja...@les7arts.com>.

Le 17/08/2018 à 14:10, Michael Brohl a écrit :
> Hi devs,
>
> I just noticed that we seem to have a password hashing change in trunk, see example:
>
> Old has for a password: |{SHA}47b56994cbc2b6d10...|
> New hash for the same password: |$SHA$.VskyitfRUpf$oXN....|
>
> Can someone point me to the discussion and/or Jira/commit for further informations?
>
> Thanks,
>
> Michael
>
>
>
Hi Michael,

I guess you are looking for this https://markmail.org/message/ai3o3c5nyu4uvonp ?
But it was 8 years ago, so maybe it's something else?

I did not find the related commits, but this one http://svn.apache.org/viewvc?view=revision&revision=1327736
Maybe you can try this https://s.apache.org/g2Wx

Jacques