Moodle 1.9.7 中的旧盐字符串支持是否包括对非加盐密码的支持?
我们有一个活跃的 Moodle 安装最近更新到 1.9.7。该网站以前从未使用过密码盐。我想在系统上启用密码盐,正如 Moodle 现在建议的 1.9.7 那样,但我不确定旧版盐支持设置是否包括对非盐密码的支持。
查看 Moodle.org 上的密码销售文档并不能明确说明这一点(对我来说)如果传统的盐支持还包括对完全不加盐的支持。我的问题是,config.php 中旧盐设置的零长度字符串盐是否意味着支持非加盐密码?
例如,我可以在我的 config.php 文件中添加以下内容:
$CFG->passwordsaltalt1 = '';
$CFG->passwordsaltmain = 'my new salt which is super secure';
并且当前帐户持有者在其密码未加密的情况下仍然可以登录吗?我无法从他们的文档中判断这是否正确,我想知道是否有人成功地做到了这一点。
We have an active Moodle installation recently updated to 1.9.7. This site has never used password salts before. I want to enable password salts on the system, as Moodle recommends now for 1.9.7, but I am not sure if the legacy salt support setting includes support for non-salted passwords.
Reviewing the password sale documentation on Moodle.org doesn't make it clear (to me) if the legacy salt support also includes support for no salt at all. My question is, will a zero length string salt for my legacy salt setting in config.php mean support for non-salted passwords?
E.g., can I add this in my config.php file:
$CFG->passwordsaltalt1 = '';
$CFG->passwordsaltmain = 'my new salt which is super secure';
and have current account holders still log in if their password isn't salted? I can't tell if this is right from their documentation and I'm wondering if anyone has successfully done this.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我通过测试证实了这一点:启用密码盐不会影响未加盐的登录,因此您不需要为未加盐的密码添加旧条目。
I confirmed this with testing: Enabling a password salt does not affect unsalted logins, so you don't need to add a legacy entry for non-salted passwords.