0

Good day!

I need to check the password to make a login in my windows phone application. The password in Joomla is crypted, then to login I have to crypt the password before.

I know that joomla uses MD5 cryptation with {hash}:{salt}, but my password in joomla db looks like:

Real password: password Password in joomla db: $P$DZo3PBeZgkmwlrCrTHfZDk8trTqz5K1

what is the possible way to create the password ?

Thank you.

Youssef El Akhal
  • 3
  • 3
  • If the joomla uses it's own cryptation, why would you want to hash your plane password when logging in? Shouldn't joomla handle that itself? Just asking. – Tarec Mar 27 '14 at 15:03
  • I'm developing a windows phone app, then by a web service call I log in the user, for logging in I have to send the username and the password already encrypted. – Youssef El Akhal Mar 27 '14 at 15:23
  • check this and use API concept http://stackoverflow.com/questions/21304038/joomla-3-2-1-password-encryption/21304362#21304362 – Jobin Mar 27 '14 at 15:30
  • @YoussefElAkhal Sending a hashed password to the server is unusual. There are ways to do this correctly (both the server and the client do part of the hashing), but you probably shouldn't do so. Just send the username/password as plaintext over SSL. – CodesInChaos Mar 27 '14 at 16:47
  • As you see, Joomla does not use salted MD5 any more. And also @CodesInChaos is right, it would be pretty self defeating to send an encrypted password. Joomla has APIs for managing encryption, authentication and authorization and you should just use those. – Elin Mar 27 '14 at 18:02
  • Thank you for those informations, I will search and look about Joomla APIs! – Youssef El Akhal Mar 27 '14 at 20:31

0 Answers0