Hi all,
I am trying to import users (customers) from another e-commerce solution into CS-Cart Ulitmate. Most of the data is ok, but I am struggeling with the passwords. The passwords are MD5 encrypted (I think) and I got the hash and the salt in excel. I am a little uncertain how to proceed. I assume I have to desalt the passwords and import them “unsalted” into CS-Cart?
Have anyone done this before?
Why don't you just inform existing customers to request a password reset ? might save you a world of pain.
md5 does not use a hash nor a salt. So if you're having to provide these, then your passwords are probably blowfish (or other) encrypted versus md5.
But @kickoff3pm is right/
Many systems use md5 salted hash. vbulletin forum for example: https://www.vbulletin.com/forum/showthread.php/378453-VB4-Password-Hash-Encryption?highlight=salted
Try gain something for your misfortune…
“New Site - Lots of New Features - Sorry your password will need reset, log-in here to reset your password and receive (X BONUS/DISCOUNT) for the inconvenience caused”
Something along those lines, a quick and easy newsletter e-mail to all customers and hopefully get returning customers.
That's simply md5 encoding and md5 encoded value (double call to md5()).
Cs-cart does only uses a single call to md5. I.e. md5(“password”).
Thanks for your replies. Yes I think I will go for an e-mail to existing customers explaining a little bit about the new website and that they must reset their password. 