2

Just need a little advice. I have a website based on CodeIgniter and using TankAuth and PHPass. I want to recode the website with another framework (Symfony 2).

Is there any way to allow user to log with their existing password or do I absolutely need to ask them to set a password again ?

Thank you very much :)

Valentin
  • 503
  • 1
  • 3
  • 15
  • Are the passwords already crypted with a salt? – A.L Jan 07 '14 at 01:18
  • Yes, they are. Any way to do this ? – Valentin Jan 07 '14 at 05:53
  • 1
    As seen in the [documentation](http://symfony.com/doc/current/cookbook/security/custom_provider.html#modify-security-yml), Symfony use sha512 with a salt by default. What method did you use exactly (algorithm, number of iterations, etc.)? There is maybe a way to use the same methods on your previous code and with Symfony2. – A.L Jan 07 '14 at 10:08
  • The previous code is from another guy, he used like a weird homemade hashing method :/ – Valentin Jan 07 '14 at 21:09
  • 1
    If it's too complicated or impossible to use this method in Symfony2, resetting passwords may be the only solution. – A.L Jan 08 '14 at 10:09
  • You're right, I think I am going to do that. Thanks for your advice ;) – Valentin Jan 08 '14 at 23:17

1 Answers1

0

The best is to reset all the password and warn users through email or ask them to change the password with the new system.

Valentin
  • 503
  • 1
  • 3
  • 15