How Are The Password Hashed In SMF Database?

[Hercco 0]

I have a gallery system that has a user system using the logins of a phpbb database. However, since I have changed to SMF a while ago, I'd like to convert the system to use my SMF database. I checked and the hashes of the passwords are different in SMF that in phpbb. So does anyone know what kind of function is used to hash the passwords? Would save me lot of time if I didn't need to go digging the SMF sources.

[unimatrix 0]

try looking through the code in the log-in script. Somewhere it has to have a call to what ever encryption scheme they are using.

[WeaponX 0]

I'm not too sure about this, but it might be salted MD5 hash algorithm. I don't know too much about this but there was a user who asked about this before. I think he was working on some mod and wanted to know how the password was encrypted.I don't know what you are doing here exactly, but why not convert the whole phpBB forum to SMF if you want to do the switch? SMF has a converter for this so you can just run it and it will convert the database to be used for SMF instead. Actually if you still want to find out what encryption they use, see if the phpBB to SMF converter has any code that may give you a clue.

[Trekkie101 0]

Passwords in SMF 1.0 are hashed using MD5_hmac and some salt to keep it as secure as possible.SMF 1.1 however uses a completely seperate option that is much more secure, SHA1, if you look in the SMF code youll see it for the login and register screens the SHA1 function, you could copy that code and edit it to do as you wished.Ask at simple machines (http://www.simplemachines.org/) in Coding discussion if your stuck and want to continue, youll find someone there who knows a lot and will be happy to help you.

[Hercco 0]

Thanks for the replies. I actually changed my plans a bit. Iäm no longer using a separate (my own) login system for my gallery, but instead using SMFs system through SSI.php. It is working like a charm and is lot more user friedly too, since users don't need to log in separately for the gallery and the forums.Now only if I got my blog (Wordpress) to use the same logins as SMF I'd have everything under one system.