[rt-users] RT3 encryption
Scott T. Cameron
karn at routehero.com
Wed Nov 26 09:00:51 EST 2003
On Tue, Nov 25, 2003 at 09:49:24PM -0800, Robert Spier wrote:
> > How are the passwords stored in the database? It looks like an MD5
> > hash without a salt. We're attempting to migrate from the internal
>
> MD5 itself doesn't use a salt.
>
> And RT doesn't add one.
>
> RT::User_Overlay.pm ...
> my $md5 = Digest::MD5->new();
> $md5->add($password);
> return ($md5->b64digest);
Right. Do you know if there's a way for apache's 'htaccess' mechanism to read a salt-less MD5 password? I haven't been able to get this to work yet.
Scott
More information about the rt-users
mailing list