This time just a quick post as I am in a hurry. Ever wondered how to change your Wordpress password in case you have forgotten it? In early versions Wordpress used the MD5 hashing algorithm to “encrypt” the passwords of a user. Nowadays Wordpress uses the Portable PHP password hashing framework (PHPASS) instead of MD5 hashing since version 2.5 (see this ticket) – so you cannot simply MD5 hash a new password and enter the digest into the database anymore. You have to encode it using the framework mentioned above.
Today i have implemented the PHPASS framework and turned it into a mainframe8 tool called the Wordpress password hasher. Use it to convert your new password into a “encrypted” hash and insert it into the wp_users table of the wordpress database. I will write a detailed howto later.
6 Comments
Greatings, Super post, Need to mark it on Digg
AnnaHopn
Hi,
I want to convert add all the wordpress user to joomla so that they can use their same username and password when they login to new joomla site, so i am getting PHPASS password from wp_users table so how do i convert that to MD5 hash so that i can enter it in joomla user table.
Thanks in advance
Hi Dipesh,
thanks for your comment.
So you want to migrate the users of Wordpress to Joomla (continously perhaps). Unluckily you cannot convert the Wordpress users’ passwords to their plaintext values and then reencode them by MD5 for Joomla. They are hashed, so you’ve got bad luck there. Of course you could try to crack them but they’re salt-hashed so there is less chance you could achieve that.
BUT: you could adopt the PHPASS algorithm for use in Joomla! That should not be that hard. So you can simply change 1) the password hashing in the Joomla registration process and 2) the password check of Joomla.
Then migrate all passwords from Wordpress to Joomla and you’re done.
Plan B: convert the password hashing for Wordpress from PHPASS back to MD5 and you save yourself from the hassle of changing Joomla code. But you must live with less security of your Wordpress installation then.
Did this help you, Dipesh?
Does someone else have a comment on this? Tell us how you would do it!
Thanks for implementing this for the rest of us, it worked great.
I’m glad to help, Alan. Thanks for your feedback!
3 Trackbacks
[...] more from the original source: New Wordpress password hasher tool Posted in PHP | Tags: a-new-password, a-quick-post, change-your, encode-it-using, [...]
[...] View post: New Wordpress password hasher tool // stotti.blog() [...]
[...] the other day, comes in handy if you need to reset a wordpress password in database. Check out the “New Wordpress password hasher tool”. It used to be md5() but that has changed. When you move and alter Wordpress blogs you sometime [...]