Password Formula

Joshua F

Member
I was going to make a 3rd-party login system for a site I'm helping with and was wondering what the password formula is to check if the password is correct.

Many thanks,
Joshua F
 
Unless I'm mistaken, the hashing algorithm for XenForo is either sha1 or sha256 (depending on whether it's installed), with a salt appended to it, then re-hashed using either sha1 or sha256 (again).

Examples, SHA1:
PHP:
$password = sha1(sha1($password).$salt)

SHA256 (not actual PHP code, just for illustrative purposes):
PHP:
$password = sha256(sha356($password).$salt)

You can authenticate a password using XenForo_Authentication_Abstract::authenticate()
 
Top Bottom