[wp-hackers] Client side password encryption

James Davis james at freecharity.org.uk
Sun Mar 16 18:04:46 GMT 2008


On 16 Mar 2008, at 09:27, Viper007Bond wrote:

> Is it even possible? I can't think of a way to take the MD5 of the  
> password
> and use it to check the password due to the salting. I can't MD5 the
> original password and compare it to the submitted hash as the original
> obviously isn't stored anywhere.

I think (I'm away from home and unable to check precisely) that when  
I coded the new password functions things were left pluggable in the  
right places to allow you to use a different hashing algorithm. If  
you really wanted to use this plugin, you might be able to write  
another plugin that reinstates plain MD5 passwords. Please let me  
know if this isn't the case. :-)

James


More information about the wp-hackers mailing list