Advertisement:

Author Topic: Finding User Passwords?  (Read 8864 times)

Offline shanksta13

  • Jr. Member
  • **
  • Posts: 227
Finding User Passwords?
« on: February 09, 2009, 01:33:44 PM »
I have a quick question.  I am integrating my site with Joomla and a large Joomla community component (Community Builder).  Anyway, I need to manually create accounts for my current SMF users on my Joomla site and they need to have the same username and password.  The username is easy, as I can get that from the forum or the forum database.  However, the password is a little trickier since it is encoded in the database.  Is there anyway to decrypt the password into the normal plain text so that I can create the new user accounts on my Joomla installation?

If this is too sensitive to post for security reasons, could someone who knows PM me?

Offline karlbenson

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 15,630
  • Gender: Male
    • Lifeproof
Re: Finding User Passwords?
« Reply #1 on: February 09, 2009, 01:34:35 PM »
SMF passwords are sha1 salted
They are ONE-way encrypted. You can't reverse/undo/revert it.

Offline shanksta13

  • Jr. Member
  • **
  • Posts: 227
Re: Finding User Passwords?
« Reply #2 on: February 09, 2009, 01:39:34 PM »
SMF passwords are sha1 salted
They are ONE-way encrypted. You can't reverse/undo/revert it.

If I were to find out what encryption the Joomla database uses, would it be possible to convert from one ecryption to the other?

Offline H

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 21,662
  • Gender: Male
Re: Finding User Passwords?
« Reply #3 on: February 09, 2009, 01:41:56 PM »
You cannot decrypt SMF passwords. They are hashed with sha1 and a salt.

If you search this site you will find information about integration with Joomla. While we no longer offer an official bridge due to Joomla's license, there are some unofficial ones you can use

Code: [Select]
If I were to find out what encryption the Joomla database uses, would it be possible to convert from one ecryption to the other?
Hashing is not encryption. You cannot convert between different hash algorithms
-H
Former Support Team Lead
                              I recommend:
Namecheap (domains)
Fastmail (e-mail)
Linode (VPS)
                             

Offline shanksta13

  • Jr. Member
  • **
  • Posts: 227
Re: Finding User Passwords?
« Reply #4 on: February 09, 2009, 01:45:22 PM »
You cannot decrypt SMF passwords. They are hashed with sha1 and a salt.

If you search this site you will find information about integration with Joomla. While we no longer offer an official bridge due to Joomla's license, there are some unofficial ones you can use

Code: [Select]
If I were to find out what encryption the Joomla database uses, would it be possible to convert from one ecryption to the other?
Hashing is not encryption. You cannot convert between different hash algorithms

Yeah, I'm using a Joomla bridge already.  I guess I'll just have to have my members reset their passwords.  Cumbersome, but it will work.

Offline Rumbaar

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 15,805
  • Gender: Male
  • Inherent Omniscience
    • Rumbaar.net
Re: Finding User Passwords?
« Reply #5 on: February 26, 2009, 09:01:35 PM »
The bridge should handle all this automatically, as that is the whole purpose of a bridge.  Though I wasn't aware that there was a functional bridge for SMF 2.0.
"An important reward for a job well done is a personal sense of worthwhile achievement."

[ Themes ]

Offline H

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 21,662
  • Gender: Male
Re: Finding User Passwords?
« Reply #6 on: February 27, 2009, 03:24:29 PM »
Our Joomla bridge is no longer supported (due to licensing problems from the Joomla side) so I assume you're using one of the third-party bridges. I don't believe these are integrated quite as well as ours was.

You'll get the best experiences with our official bridges. Mambo and others are supported
-H
Former Support Team Lead
                              I recommend:
Namecheap (domains)
Fastmail (e-mail)
Linode (VPS)