Generating PHPass for Wordpress Passwords

Question

I am working on an application wnere I need to check for authenticity of user according to his wordpress userid/password. Trouble is, I don't know how to check whether a password is correct or not.

I read at Wordpress MD5 Password that after wordpress 2.5 phpass http://www.openwall.com/phpass/ was being used for wordpress passwords instead of MD5.

Question is, If I have

Username Password in plain text
wordpress Authentication Unique Keys and Salts from wp-config.php
Database access

then How can: 1. I check whether user-name/password combination is correct.

Change password for user
Implement forgot password implementation

Wordpress version 3.0.4, Networked blogs being used with around 20 sites.

I know I should be doing it with native wordpress functions, but in this case it is not an option due to nature of the Wordpress settings.

I've spent over a week on this and still clueless! help would be appreciated.

score 2 · Accepted Answer · answered Feb 14 '11 at 12:49

2

If they implemented phpass without trying to 'improve' the library, you should be able to just use the phpass library to authenticate the users.

http://www.openwall.com/phpass/

answered Feb 14 '11 at 12:49

Jacco

23,534
17
88
105

although i had mentioned the link in my question itself, still selected your answer – Tarun Feb 25 '11 at 08:27
-blinks- how could I not have seen that 8) – Jacco Feb 25 '11 at 12:54

Generating PHPass for Wordpress Passwords

1 Answers1