Hi Skip,
Sorry, can't be done. A hashed password can't be decrypted, which is usually
a good thing, so there is no way to retrieve the existing password, add a
salt, and calculate the new hash. All I can suggest is you automatically set
a starting password, and turn on the "Require Password Change", so they will
enter a password the first time they sign on, which will be salted. The
starting password should be different for each user, and you need to find a
secure way of communicating it to them.
It really is better security once it's done, but it will be an annoyance
during the transition to a newer OFBiz.
Cheers
Paul Foxworthy
SkipDever wrote
> HashCrypt.getDigestHash() has been deprecated in favor of cryptPassword
> which uses a salt. That is a good thing.
>
> I am upgrading a 9.x ofbiz version to 12.04. We have hundreds of old
> unsalted passwords in the db. Is there a service to replace these old
> unsalted password hashs with the new salted ones?
>
> Thanks
>
> Skip
-
--
Coherent Software Australia Pty Ltd
http://www.coherentsoftware.com.au/
Bonsai ERP, the all-inclusive ERP system
http://www.bonsaierp.com.au/
--
View this message in context:
http://ofbiz.135035.n4.nabble.com/getDigestHash-deprecated-tp4641244p4641329.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
