2. PHPRunner General questions
  3. [SOLVED]  Using Encrypt Password In User Login Setting
This topic is locked
[SOLVED]

 Using Encrypt Password In User Login Setting

 		5/2/2013 8:57:26 PM
PHPRunner General questions
P
 phpcmk author

Hi,
I am trying to do 2 different projects using the same version of phprunner. However, I notice that 1 project i can use "Encrypt passwords" option and the other one I can't seem to find this option. Is this a bug?
Steps:

  1. Under "Security" tab > click on "User login settings..."
  2. Under "Password and login management", there should be a checkbox "Encrypt passwords" option.
    In my database, I try to change the password with MD5 function and when I try login to the project I done, I am not able to login. Previously, once I tick on "Encrypt passwords", I am able to login.
    Please kindly advise. Thanks.
admin 5/3/2013

Password encryption in PHPRunner 6.2 Enterprise Edition was replaced with data encryption. A quick recap on old and new password encryption schemas.
Old versions of PHPRunner (prior to 6.2) use MD5 for password encryption. This is not an encryption though, just a one way hashing and MD5 algorithm is weak.
PHPRunner 6.2 Enterprise Edition adds a new option to use DES encryption to encrypt both data and passwords. However if you open a project created by older version of PHPRunner that uses MD5 password encryption - PHPRunner 6.2 will continue using MD5 encryption for compatibility.
Hope this makes sense.
P
 		phpcmk author 6/11/2013

Hi,
I have a database which contain a table with all user login details, this database is used by an application (NOT done using PHPRunner).
The password in that table is in MD5 format and I do not want to touch this application/database at all.
Now, I done an auto-sync to sync the password and username to another database daily. However, the password will be in MD5 format.
Please kindly advice the steps that PHPRunner Enterprise 6.2 can identify the password? Thanks.
Example:

Password: 'halo'
User need to type 'halo' as password and not the 32 char(MD5) as password