MediaWiki

Manual:$wgPasswordDefault

Translate this page
Other languages:
Authentication: $wgPasswordDefault
Default password type to use when hashing user passwords.
Introduced in version:1.24.0 (Gerrit change 77645; git #95a8974c)
Removed in version:still in use
Allowed values:(string)
Default value:'pbkdf2'
Other settings: Alphabetical | By function

DetailsEdit

Default password type to use when hashing user passwords.

Changing the defaultEdit

  1. Check the "DefaultSettings.php" file in the ../includes directory for the available and preset password encryption types.
    (As of MW 1.33: A, B, pbkdf2-legacyA, pbkdf2-legacyB, bcrypt, pbkdf2, argon2)
  2. Add $wgPasswordDefault with the parameter to the "LocalSettings.php" file in case you want to change the encryption, e.g. to restore the old MD5 hashing:
    $wgPasswordDefault = 'B';
  3. In order for the password to be saved in a new format, one login from each user has to be done. This way the database is updated.
    Alternatively you can use the "wrapOldPasswords.php" maintenance script to convert the hashing algorithm of all passwords without waiting for users to log in. Note that this script only works for pbkdf2-legacyA, pbkdf2-legacyB.
  4. Check the MySQL-database whether the new format has been applied to the fields. 
    Select user_password from wikidbname.user where user_password like ':B:%';

See alsoEdit

Retrieved from "https://www.mediawiki.org/w/index.php?title=Manual:$wgPasswordDefault&oldid=5039892"