MyBB Community Forums

Full Version: Password of user
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello. I would like know a thing...
Can an administrator of a forum created by mybb see the passwords of registered users ?

Sorry for the wrong but i'm italian...
As compared to what other forum software ? Xenforo ? vBulletin ? etc.
no, not easily.
They cannot view the passwords in clear text as MyBB by default uses MD5 + Salt hashing techniques.

If the board owner, exported their login tables and used hashcat to crack the MD5 + Salt (not very easy) they could possibly get your passwords.

I highly doubt they'll do that though, so don't sweat it!

Note: if the forum in question uses a custom encryption algorithm e.g. bcrypt then it's going to be harder for them to decrypt the password as the encryption technique is much slower meaning its slower to crack too!
(05-14-2016, 03:16 PM)Consaholic Wrote: [ -> ]They cannot view the passwords in clear text as MyBB by default uses MD5 + Salt hashing techniques.

If the board owner, exported their login tables and used hashcat to crack the MD5 + Salt (not very easy) they could possibly get your passwords.

I highly doubt they'll do that though, so don't sweat it!

Note: if the forum in question uses a custom encryption algorithm e.g. bcrypt then it's going to be harder for them to decrypt the password as the encryption technique is much slower meaning its slower to crack too!

While it's difficult to obtain plain text values from password hashes, there is no guarantee that passwords are not stored in an unsafe manner on third party websites.