[wp-hackers] New password encription

DD32 wordpress at dd32.id.au
Mon Apr 14 23:28:54 GMT 2008

You can simply replace it with a md5 without having to enable any plugins.

WordPress can determine if the value is a md5 or a phpass hash, If its a  
MD5, then it will validate you based on md5, and then update the password  
hash to a phpass hash.

I had the same problems a few days ago, I needed access to a temp trunk  
install, and i'd forgotten to change the password from the default, I  
simply did an update wp_users set password = md5('test'); and everything  
was up and running again (You might want to add a Where clause to that.. i  
only had one user :))


On Tue, 15 Apr 2008 04:48:25 +1000, Stefano Aglietti <steagl4ml at gmail.com>  

> WIth old method if i lost my password i can force it in the user table
> changin it an setting to cede it MD5.
> With 2.5 this won't work anymore. You will say that I can always get
> new password by email and you are right. But anyone that have some
> expirience in sw assistance to end user knows that people do the worst
> things everytime in the worst way possibile.
> So sometime people come out on forum saying theyr 2 years blog updated
> to 2.5 was all ok bur ask for password and he didn't remeber it, and
> when installed he used a mail he do not use anymore or mistyped by
> mistake or purpose. Or maybe they will always had problem with email
> with that hosting etc etc.. so the solution to touch the database
> changine eamil to get a new one doens't wok too... I kknow sound
> fantascientific.. but i got people like that..
> I was wondering how solve this cases with new password codification
> cause you can't installa Ryan plugin to revert hasing method to pre
> 2.5 etc... any idea?

More information about the wp-hackers mailing list