How do I decrypt and encrypt Joomla user password for Java program?
Question
I have programed a Java program which has access to my MySQL database. Currently I am using Joomla as CMS, therefore I would like to program my Java program so it is able to check the user data(of Joomla) to access the database.
If it isn't possible: Which encryption should I use so I can use it later for my websites ?
Right now my program is just comparing if the Strings in user field and password field with the data from the MySQL database.
I am new to Encryption/Decryption. Any tips how I should approach this subject is appreciated.
thanks in advance
greets
THE-E
2 answers
solution1
2 ACCPTED 2013-06-14 09:34:30
You shouldn't be seeing any plain text passwords in your database. I don't know for sure how older versions of Joomla do it, but the current ones save passwords in the following format:
md5([password][salt]):[salt]
Where you'd obviously replace [password] with the password and [salt] with the salt. For instance you might see the following string in the password field of your user table
dc0ea62a2aebf85100609bb67c6886a8:yh9MbHU5hR6ydbd8mCw6bQzCrRFYEI3E
The part after the colon is the salt, and the part before the colon is the md5 hash of the password and the salt. Now I can tell you that the password here is 'test'. And that the string is: md5(testyh9MbHU5hR6ydbd8mCw6bQzCrRFYEI3E):yh9MbHU5hR6ydbd8mCw6bQzCrRFYEI3E
solution2
0 2013-06-12 22:29:15
In essence what you want to do is as follows. when you store the password encrypt it. when a user enters a password in to a form encrypt that, and compare it to the encrypted password in the database.
what you dont want to do, is un-encrypt the stored password and compare it to the form input.
in PHP i use Bcrypt.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.