I've inherited a migration project. The legacy database has PHPass encryption and the new database is MD5. Is it possible to "upgrade" from MD5 to PHPass and keep data integrity?
Asked
Active
Viewed 544 times
0
-
MD5 is a hashing algorithm, not encryption. – user229044 Jul 30 '15 at 15:25
-
Do you mean to say that the _legacy_ system used MD5 and the _new one_ is built with PHPass? – Michael Berkowski Jul 30 '15 at 15:25
-
Hi @MichaelBerkowski no, the legacy system was Wordpress based so PHPass. The new system has 2 user databases, 1 of which the passwords are stored as PHPass, but the other which integrates with it uses MD5. That makes no sense to anyone, but I didn't build it! – Sully Jul 31 '15 at 16:52
-
@Sully It's really unclear what you're asking. Are you trying to move passwords from MD5 to PHPass, or vice versa? Your title and question body ask for *different things*. That said, neither is possible. – user229044 Jul 31 '15 at 17:30
1 Answers
2
No. The whole point of hashes is that they are not reversible.
To "port" or "upgrade" a hash from MD5 to PHPass (or vice versa) you would need to reverse the MD5 hashing in order to pass the unhashed password into PHPass, which is impossible.
user229044
- 232,980
- 40
- 330
- 338
-
Reversing MD5 IS possible because it's not secure - for example: http://md5.gromweb.com/ if it's possible in a single instance it SHOULD be possible in bulk – Sully Jul 31 '15 at 16:50
-
1@Sully That's supremely silly. Read the site you've linked to - it simply maintains a huge database of millions of common passwords, with their known MD5 hash. That's not a fault or weakness in MD5, and it doesn't let you **reverse** MD5 hashes. – user229044 Jul 31 '15 at 17:21
-
1@Sully And arguing that "if it's possible in single it should be possible in bulk" is incredibly naive. If it takes you a week to crack a single password, yes, it is **possible** to do it in bulk, it might just take you a thousand years. If that's what you consider "possible", then good luck to you. – user229044 Jul 31 '15 at 17:24