I am migrating my users on joomla running virtuemart to magento but want to keep our existing passwords which are already salted.
I can import the users into magento but the passwords dont work as they are hashed differently.
Joomla / Virtuemart HASH = md5($password.$salt);
Magento HASH = md5($salt.$password);
An example password looks like:
So it seems both joomla and magento use the same password format as in HASH:SALT only the hash is generated differently.
Magento prepends the hash to the start of the password where joomla appends it to the end. Otherwise they are practically the same.
Now i understand that the hash is irreversible once created so i’m not looking to reverse it or anything. My goal is more a less to modify magento so that it can understand the joomla passwords but at the same time i want to keep the default magento method active so that new registrants use magento’s default password format.
I’ve already partially solved my problem by modifying Mage_Core_Model_Encryption::validateHash
return $this->hash($hashArr . $password) === $hashArr;
return $this->hash($password . $hashArr) === $hashArr;
Using this i can import my user passwords directly and login to them without problems. The only downside to this is that the admin password stops to work and i can no longer access the backend. I figured it was because the admin user was created with the default magento password hash but after changing the password it still doesnt want to work.
If i can get the admin to work with the above this is an option for me, one which id be happy to use but i think for this to work safely and to prevent any issues with updates, etc it needs a little more modifying.
Preferably it should first verify against magento’s password hash, if that fails it would go on to verifying against the joomla password hash, and finally if neither verified it would return the error. Theres also the possibility of updating the password to the default magento hash at login as magento has the customers password.
So thats basically what i’m hoping to do here. I’m sure it sounds more complicated than it is :D.
Would anyone know how to do something like this that would care to help.