Convert a password the Magento way 1 comment


Here’s how to convert passwords from plain text to the alghorithm used by Magento.

This can result useful when you need to import users from an external application which was managing passwords with no encryption.

First of all a bad news: if you want to import encrypted password ( for example MD5 ), if you don’t have a secure reverse lookup DB you won’t be able to import the customers in the Magento store without resetting their password.

So, let’s assume we already imported the customers from magento import tool and they can’t login because their password don’t fit Magento’s way, which is defined this way ( read it as a PHP developer Smile ):


md5(salt.password):salt

So, to convert all customers passwords you only need to login into mysql and run a single query:


# don't care about my local config ;-)
mysql -u root -e "UPDATE customer_entity_varchar SET value = CONCAT( MD5(CONCAT('salt', value)), ':salt') WHERE attribute_id = '12'"

That’s It..

mainly password for customer stored in ‘customer_entity_varchar’ table.
attribute_id = 5 is for Customer First Name
attribute_id = 7 is for Customer LastName
attribute_id = 12 is for Customer password

More Info : Magento Customer Password is encrypted with the below code:


public function getHash($password, $salt=false)
{
if (is_integer($salt)) {
$salt = $this->getRandomString($salt);
}
return $salt===false ? md5($password) : md5($salt.$password).':'.$salt;
}

Thanks to : http://www.odino.org/112/convert-a-password-the-magento-way
and

http://blog.theunical.com/ecommerce/shopping-carts/magento-cart/magento-customer-password-is-encrypted-with-the-below-code/

Share on Facebook




About Pragnesh Karia

Pragnesh Karia, Open Source Enthusiast, Software Professional, Software Developer, Technical Lead ,Magento, Joomla ,Joomla LMS , Moodel LMS ,PHP ,Mysql, Ajax, Javascript, Jquery, Linux, Fan of Open Sources , Annet Technologies , SEO Analyst , Mootools


One thought on “Convert a password the Magento way