Comments on: MD5 Password Hashes for 2.5

By: WordPress Wednesday Special Edition: WordPress 2.5 : The Blog Herald

WordPress Wednesday Special Edition: WordPress 2.5 : The Blog Herald — Thu, 03 Apr 2008 14:14:53 +0000

[...] Ryan Boren – MD5 Password Hashes for 2.5 [...]

By: Daniele Muscetta

Daniele Muscetta — Sun, 30 Mar 2008 21:09:08 +0000

Ok, nevermind my previous comment – I’ve figured it out

By: » WordPress 2.5 in italiano » WordPress Italy

» WordPress 2.5 in italiano » WordPress Italy — Sun, 30 Mar 2008 11:39:49 +0000

[...] per autenticazioni anche con altri programmi che non supportano il nuovo sistema di codifica, Ryan Boren ha realizzato un plugin che permette di mantenere la vecchia [...]

By: Daniele Muscetta

Daniele Muscetta — Sun, 30 Mar 2008 00:04:11 +0000

Could anyone detail the COOKIE improvaments, instead?
I am trying to upgrade a pluging that was using another authentication scheme, and I need to generate the cookie.

wp_set_auth_cookie($UserID) seems like a no brainer function to use… (I was using the wp_setcookie before and obviously have to change that piece of the plugin…)… yet it is not working so far. It is probably something very stupid that I am not seeing… I’ll be better off to sleep, and probably tomorrow I will figure it out…

but any hint is appreaciated

By: WordPress 2.5 » Pods.lv - Latvijas interneta pods

WordPress 2.5 » Pods.lv - Latvijas interneta pods — Sat, 29 Mar 2008 20:41:21 +0000

[...] versijā ir izmainījuši paroļu glabāšanas sistēmu, var palasīt sīkāk par to kāpēc tas bija nepieciešams. Ja kāds izmanto savu wordpress bloga [...]

By: Otto

Otto — Sat, 29 Mar 2008 18:06:30 +0000

Alan: The algorithim basically converts the old passwords to the new hash at the time of login. The way it works is that it looks at the password field when the user logs in, and if it sees a 32-byte value, it presumes that it’s an old-style MD5 hash that has not been converted yet. It lets the user login and then converts the password.

So, you actually can still put MD5 passwords in manually using phpMyAdmin, and then they’ll get converted to the newer hashing scheme when that user first logs in.

By: Neil

Neil — Sat, 29 Mar 2008 15:09:08 +0000

cheers for the tips viper, just made that back-up! Time to up-grade!

By: btard

btard — Sat, 29 Mar 2008 07:21:10 +0000

@jsherk – the plugin is linked from the word plugin: http://wordpress.org/extend/plugins/md5-password-hashes/.

Seems like anything that will tighten up the ship is a good thing. Two thumbs up.

By: Viper007Bond

Viper007Bond — Sat, 29 Mar 2008 06:52:31 +0000

Neil: Upgrades are technically a one-way process. “Downgrading” is a good way to break you blog. You’re lucky though that there are are few DB changes between 2.3.x and 2.5. Next time, just make sure to backup your database before upgrading and then restore that backup if you wish to revert to the old version. You’ll save yourself a lot of future trouble.

Ryan: This is awesome. Thanks for this plugin.

By: Neil

Neil — Fri, 28 Mar 2008 17:19:56 +0000

Great news, just what everyone needed. I upgraded to 2.5 RC2 and then downgraded soon after…lost access to my blog. The only way it can be fixed is through phpmyadmin, deleting the field which contains the password, get a new one and everything should work again. But now that we have this great plugin, then its not necessary. Cheers guys!