[wp-hackers] Password Generation

Johan Eenfeldt johan.eenfeldt at gmail.com
Thu Oct 6 09:45:38 UTC 2011


On Thu, Oct 6, 2011 at 11:26 AM, Scott Wilcox <scottw at lesniakswann.com> wrote:
> User records are now already in place, so I just need to update a few fields and passwords. I'll dig into wp_hash_password, thank you!
>
> On 6 Oct 2011, at 10:24, Alexander Concha wrote:
>
>> On Thu, Oct 6, 2011 at 11:14 AM, Scott Wilcox <scottw at lesniakswann.com> wrote:
>>> Hello,
>>>
>>> I've written a script to process a complex import of users from one system into wordpress. The only part I'm having issue with is generating each users password, as from the database they don't' appear to be straight MD5 hashes of passwords.
>>>
>>> Can anyone shed any light on the correct way to generate passwords?
>>>
>>> Are they concatenated salt and hashes?
>>
>> You can use wp_hash_password. I don't know how are you creating users,
>> but you may want to use wp_insert_user which takes care of that.
>
>

It is much more secure to use the modern password hashes, but
WordPress will work with plain old MD5 password hashes too. It will
automatically re-hash on first login, in wp_check_password().

/ Johan Eenfeldt


More information about the wp-hackers mailing list