SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Member
    Join Date
    Aug 2006
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Unhappy how do vBulletin encrypt passwords

    hello,

    this is a simple question .. how do vBulletin encrypt user passwords

    i'm working on a script and i want to encrypt user passwords in the same way the vb do so i can connect between my script and the vb

    Thanks, Respect

  2. #2
    SitePoint Zealot
    Join Date
    Jun 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I believe they md5(), add the salt, and then md5() again.

  3. #3
    Forum Buyer
    Join Date
    Jun 2004
    Location
    United States
    Posts
    811
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Wow I thought they just did md5 salt.

    That's a lotta encryption .
    Founder/Admin of a pretty decent chat forum
    Download free winterboard themes for your iPhone
    I run sites powered by vbulletin and one about the HTC Jetstream.

  4. #4
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Its not encryption...
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  5. #5
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,580
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by logic_earth View Post
    It's not encryption...
    Depends on your definition, and this would fall well within most general ones (obfuscation of information so that it's not easily readable without special knowledge). Hashing like this just happens to be one-way encryption.
    Last edited by Dan Grossman; Jun 25, 2007 at 16:16. Reason: Now I sound less unfriendly :(

  6. #6
    SitePoint Enthusiast Dunkel's Avatar
    Join Date
    Jun 2007
    Location
    Mexico
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Vbulletin uses somethin like this:

    md5(md5('pass').string)

    where the string is a random of 3 characters

    maybe i dont remember exactly how it does the encryptation but is something like that

  7. #7
    Worship the Krome kromey's Avatar
    Join Date
    Sep 2006
    Location
    Fairbanks, AK
    Posts
    1,621
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hashing is indeed encryption, just a form of encryption called "one-way encryption". As opposed to "two-way encryption" which you see in e.g. AES, Blowfish, PGP/GPG, and countless others.

    And Dunkel has it exactly right. I believe the salt is stored in the database on a per-used basis, but yes, that's exactly what vBulletin (needlessly) uses.
    PHP questions? RTFM
    MySQL questions? RTFM

  8. #8
    SitePoint Member
    Join Date
    Aug 2006
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I believe they md5(), add the salt, and then md5() again.
    yes brosther .. that's right
    thanks alot


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •