[ic] Protocol for encrypting passwords on existing system
paul at gishnetwork.com
Tue Sep 27 13:42:17 UTC 2011
> From what I gather in the archives circa 2004, the idea would be to:
#0 Backup Userdb
> #1 Pause sign-ins
> #2 Loop over existing records with the crypt filter, or for Mysql try:
> update userdb set passwordfield=encrypt(passwordfield)
> #3 Turn on UserDB crypt 1
> The only alterations needed to the store itself would be moving from a
> "password reminder" system into a "password reset" system.
> Does this sound complete? Any caveats one should be aware of?
> Thank you
More information about the interchange-users