MyBB Community Forums

Full Version: Turn off Password Salt :(
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hey, im programming a Software on my PC, where users can Register. And i want to connect the Databse of my myBB Forum with the Tool.

But myBB is "Salting" the Passwords :/ How can i turn the saltings off? So it just normally MD5's. :/
You can't unless you modify the core functions for logging in and registering. An un-salted password is unsecure though, so it's advised you salt the password.
can someone modify it for me :/? Coz it really sucks :/
Or adapt your system to read salted passwords.
This would take more time than recode the mybb funcs Big Grin
(2011-06-27, 04:51 PM)mexico Wrote: [ -> ]This would take more time than recode the mybb funcs Big Grin

Actually, no it wouldn't. Since you'd have to have every single MyBB user reset their password. Not to mention being unsecure.

What you can do is use the following in your program (assuming your program user uses the same password as their MyBB account, this is written in PHP):
// Check against a salted password with encoded password $epw
function mybb_validate($epw)
{
   // put in some code here to connect to your MyBB database and read the password and salt fields, reading them into $user var...
   if($user['password'] == md5(md5($user['salt']).$epw))
   {
      return true;
   }
   return false;
}
I havent got any Users on my Homepage, i started it yesterday, and im a noob in PHP. I only have knowledge in C++.


Yes my Programm is using the same password as mybb account, it should read it out of the database. But it cant, coz its salted
So make a C++ routine that does what my PHP above does. Obviously you know how to connect to the database and read/submit information via C++.
but how can i check a random genreated string in the db, with the random generated string on my tool :Q
Nothing is random generated in your tool... You said their passwords were the same, but yours is plain md5. If thats true, what I posted above will work.