When users login successfully just take the password form the request data and hash it using Blowfish.
Store the the new hash in a new column.
Delete the simple hash for that user.
Modify your login to match Blowfish as well as Simple hash for some time. Once all your users have logged in at least once you can refactor it to use only Blowfish
I do trust you have everything over SSL...
T
On Fri, Oct 31, 2014 at 4:02 AM, gonzela2006 <gonzela2006@gmail.com> wrote:
--Hi,How can I migrate my users passwords from SimplePasswordHasher to BlowfishPasswordHasher without interrupt my users to change their passwords?Thanks
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
=============================================================
Hire a CakePHP dev team : http://sanisoft.com
=============================================================
Hire a CakePHP dev team : http://sanisoft.com
=============================================================
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment