Manual:$wgPasswordDefault
Access: $wgPasswordDefault | |
---|---|
Default password type to use when hashing user passwords. |
|
Introduced in version: | 1.24.0 (Gerrit change 77645; git #95a8974c) |
Removed in version: | still in use |
Allowed values: | (string) |
Default value: | 'pbkdf2' |
Other settings: Alphabetical | By function |
DetailsEdit
Default password type to use when hashing user passwords.
Changing the defaultEdit
- Check the "DefaultSettings.php" file in the
../includes
directory for the available and preset password encryption types.
(As of MW 1.33:A
,B
,pbkdf2-legacyA
,pbkdf2-legacyB
,bcrypt
,pbkdf2
,argon2
) - Add
$wgPasswordDefault
with the parameter to the "LocalSettings.php" file in case you want to change the encryption, e.g. to restore the old MD5 hashing:$wgPasswordDefault = 'B';
- In order for the password to be saved in a new format, one login from each user has to be done. This way the database is updated.
Alternatively you can use the "wrapOldPasswords.php" maintenance script to convert the hashing algorithm of all passwords without waiting for users to log in. Note that this script only works forpbkdf2-legacyA
,pbkdf2-legacyB
. - Check the MySQL-database whether the new format has been applied to the fields.
Select user_password from wikidbname.user where user_password like ':B:%';