Hi Skip, Sorry, can't be done. A hashed password can't be decrypted, which is usually a good thing, so there is no way to retrieve the existing password, add a salt, and calculate the new hash. All I can suggest is you automatically set a starting password, and turn on the "Require Password Change", so they will enter a password the first time they sign on, which will be salted. The starting password should be different for each user, and you need to find a secure way of communicating it to them.
It really is better security once it's done, but it will be an annoyance during the transition to a newer OFBiz. Cheers Paul Foxworthy SkipDever wrote > HashCrypt.getDigestHash() has been deprecated in favor of cryptPassword > which uses a salt. That is a good thing. > > I am upgrading a 9.x ofbiz version to 12.04. We have hundreds of old > unsalted passwords in the db. Is there a service to replace these old > unsalted password hashs with the new salted ones? > > Thanks > > Skip ----- -- Coherent Software Australia Pty Ltd http://www.coherentsoftware.com.au/ Bonsai ERP, the all-inclusive ERP system http://www.bonsaierp.com.au/ -- View this message in context: http://ofbiz.135035.n4.nabble.com/getDigestHash-deprecated-tp4641244p4641329.html Sent from the OFBiz - User mailing list archive at Nabble.com.
