I have successfully managed to implement zfcUser in a project I am working on. BUt I do have one question, is there a way I can change the password hashing mechanism. I have read the documentation that came with zFcUser and I am aware of the risks involved, but for this purpose, I am trying to keep the passwords the same as they are for the time being until I am convert all my users to a more secure method.
The current password system, makes use of a random salt that gets encrypted with sha1 and in turn the passwords in encrypted with the salt and again with sha1. Essentially, the basics of the current encryption system are as follows: 1. random salt ($salt) is encrypted $encrypted_salt = sha1($salt) 2. Submitted password get encrypted along with sha1($encrypted_salt . $givenPassword) How can I modify zfcUser to allow me to keep this method of encrypting my passwords? Many Thanks -- View this message in context: http://zend-framework-community.634137.n4.nabble.com/ZfcUser-Password-Hash-Mechanism-Change-tp4659332.html Sent from the Zend Framework mailing list archive at Nabble.com. -- List: [email protected] Info: http://framework.zend.com/archives Unsubscribe: [email protected]
