1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.3 The password storage type in xenForo

Discussion in 'XenForo Questions and Support' started by faeronsayn, Jul 2, 2014.

  1. faeronsayn

    faeronsayn Well-Known Member

    I've heard since xF v1.2 passwords are now encrypted through bcrypt. Does xenForo use the password_hash() function found in php?

    Also, are the hashes stored in xf_user_authenticate table? If so, are they stored in the remember_key column?

    Also what is the scheme_class there for? Does it specify which hash type / algorithm is being used?
  2. Liam W

    Liam W Well-Known Member

    XenForo_Authentication_Core12 is the class used to generate authentication strings in 1.2+.

    It uses the XenForo_PasswordHash class, which doesn't use the function you said.

    The actual hash is stored in the BLOB data field.


Share This Page