[rt-users] database: user password encryption

jamie baddeley jamie.baddeley at fx.net.nz
Sun Jun 6 18:40:06 EDT 2004


I now have a modified libapache-mod-auth-pgsql debian (woody) package
that in addition to doing standard crypt and md5 encryption, now also
does the base64 encoded md5 variant that is supported by RT.....

If anyone is interested in it let me know. Happy to provide it to anyone
that wants it.

Thanks for the help.

Jamie


On Fri, 2004-06-04 at 01:32, Mike.Frazer at ipay.com wrote:
> Essentially... create the MD5 hash of the password, then convert it to
> Base64.  The Base64 part is necessary to store the password because MD5 can
> sometimes create characters that can't be stored in the database as-is.
> Base64 ensure that the password will be storable and compatible across other
> systems.
> 
> 
> 
> -----Original Message-----
> From: rt-users-bounces at lists.bestpractical.com
> [mailto:rt-users-bounces at lists.bestpractical.com]On Behalf Of Sebastian
> Flothow
> Sent: Thursday, June 03, 2004 8:22 AM
> To: jamie.baddeley at fx.net.nz
> Cc: rt
> Subject: Re: [rt-users] database: user password encryption
> 
> 
> Am 3. Jun 2004 um 05:40 Uhr schrieb Jamie Baddeley:
> > what format does rt store the passwords in?
> 
>  From perldoc /opt/rt3/lib/RT/User_Overlay.pm:
> 
> > _GeneratePassword PASSWORD
> >
> > returns an MD5 hash of the password passed in, in base64 encoding.
> 
> So I suppose that's stored in the DB.
> 
> 
> Sebastian




More information about the rt-users mailing list