WordPress › Support » How to check for the right password?

eronyx
Member
Posted 8 months ago #

I need to write a specific authentication function for a 3rd party software (which takes data from mysql db) and will be available only for users which are registered in wordpress.

after a few hours of search I still failed to find how that password is generated for wordpress - the only thing i found is that it is md5 - but from what i see it does not look at all as md5
having this structure:
$P$BxdPfJryDUpkH1x0Oy*******Gu9Mw. (******* - removed for security purposes)
and knowing the user and password how to generate that format again and check if that is the right password? do they use base64 or any other encryption algorithm?
also I noticed that many passwords start with $P$B so I think this can be removed for processing the other part - but still have npo idea what to do with the rest.

could someone please advise how to do that?
esmi
Theme Diva & Forum Moderator
Posted 8 months ago #

the only thing i found is that it is md5

It's no longer md5 encrypted. WP uses it's own internal class to encrypt passwords.
eronyx
Member
Posted 8 months ago #
ok found smth else while waiting for answer

http://codex.wordpress.org/Function_Reference/wp_hash_password

then the description of class can be found in class-phpass.php that can be used for this
I hoped to find something easier -but will need to use that class I guess
```
<?php
$wp_hasher = new PasswordHash(8, TRUE);

$password_hashed = '$P$B55D6LjfHDkINU5wF.v2BuuzO0/XPk/';
$plain_password = 'test';

if($wp_hasher->CheckPassword($plain_password, $password_hashed)) {
   echo "YES, Matched";
}
else {
   echo "No, Wrong Password";
}
?>
```

Reply

You must log in to post.

WordPress.org

Forums

How to check for the right password? (3 posts)

Reply

About this Topic

Tags

Code is Poetry