Password Authentication Schemes


Well-known member
Now that I look at the database I see how there's a "XenForo_Authentication_vBulletin"

Where can I modify this?

Edit: Nevermind, I found it. There's a folder called Authentication, go figure.

Now I see I can create my own authentication scheme easily by modifying an existing one.

The problem would be setting them per user.

A temporary fix for those importing from another software using vBulletin as an intermediate would be to modify vBulletin.php directly.

I don't think there is an AdminCP option to do this. I assume this is planned but not in the beta?


Well-known member
Perhaps someone that actually knows how to code can help me out.

I am trying to get SMF passwords to work, they authenticate by sha1(strtolower($user) . $password)

My test data uses an SMF database imported via Impex to vBulletin, normally Impex would store the imported password as: md5(md5(sha1(strtolower($user) . $password)) . salt)

However, I managed to modify it so that the passwords are kept as sha1(strtolower($user) . $password)

Is there a way to modify /library/Xenforo/Authentication/vBulletin.php to accept sha1(strtolower($user) . $password)?

I also notice in the xF database in the xf_user_authenticate table, there's a remember_key column. What is this?

Thanks to anyone that can help!