Magento

Hi,

I try to import some thousand customers from a different system and I wonder how I can do this with the passwords which are currently plain md5 encrypted.

Magento uses a kind of salt technology which is fine but how to import the customers so that they can log in?

Thanks a lot!
Georg
PS: Asking them to ask for a new pwd is not an option
PPS: Rewrite the authorization process and delete all the salt-thing isnt an option either :/

If you understand french go here :  http://www.fragento.org/Questions-de-programmeurs/2938-Import-des-clients-mot-de-passe.html
someone found the solution

A little translate :

1. Chose a salt , for example “Yp”
2. add the salt before the password and crypt the password using MD5 . For example if the password is “toto” you have to crypt “Yptoto”
3. In the field password_hash of your csv import file, put the result of the point 2 and add “:Yp” as a suffix

Don’t thank me if it’s works, thanks Olixelle

Hi,

thanks but I got the passwords already as md5, sorry if there was a misunderstanding!
So i got already a md5 hash of “toto”?

I guess there is no way now?

Thanks
Georg

Isn’t this situation handled by the oscommerce customer import routines? I haven’t tested it out yet.

no oscommerce uses the same salt technique as magento, so you can just take the password hash as it is

Georg,

Did you ever find a solution to this?

Travis Cable

no sorry

Just the topic I’ve been struggling with for the last three days. I don’t see a prompt or module to import my large list of customers from my old cart. Really don’t care about passwords, since I could just email them a temporary one and ask them to change it later. Could it be possible that a store like Magento would not have a simple, visible way to import an entire list of customers? or is it that I just don’t see it?

Click thumbnail to see full-size image

Uckflibs,

First of all - love the avatar and username. In the Admin go to System > Import/Export > Profiles: you should see a profile there for exporting customers and one for importing.

--
Travis Cable

THanks Travis.
That is what I wanted.=> Admin go to System > Import/Export > Profiles
Hope that works for my app.

By the way, I recommend using .xml spreadsheets for Customer Imports and .csv for Customer Exports. It took me an hour of testing to figure that out.

You could always try cracking the MD5 - there’s a risk you could get a list of three different possible passwords or so (which wouldn’t do you much good), but apparently MD5 is pretty insecure without the salt.

Georg,

Apparently you do not need the salt! You can import your plain MD5 hashed passwords into Magento and they will work. The salt is optional.

I m also trying to import customers through csv files but i think profile is not perfect,
password is going to encrypted n in store customer would not be able to login within its normal password,
customer must enter the encrypted encrypted password, there is no scope of multiple (billing/shipping) address through csv files…
must need some changes by core team..

Magento will import ur passwod in encrypted form so make one simple function in ur adapter
in that make setPassword method not setHashPassword....
so ur password will be saved in encrypted form in database but u can access ur account with normal password
which u’ve provided in csv file
it will work perfectly…

I found the solution for importing plain unsalted md5 passwords in magento. You need to add a : to the end of the md5 hash. I just tried it and it works.

http://www.magentocommerce.com/boards/viewthread/16700/