How wordpress Modifies Encryption Algorithm

the user password of p>WordPress system is stored in the user_pass field of wp_users data table, and the password is generated through the portable PHP password hashing framework class. The form of the password is random and irreversible, and the ciphertext generated by the same plaintext password is different at different times, which is relatively safe.

the process of p>WordPress user password generation is that when it is necessary to generate a user password, a salt is randomly generated, and then salt and password are added, and md5 is performed for count times. Finally, a password starting with $P$ is obtained by adding the hash value of encode64, and the result of this password is different every time. The following is the code for generating WordPress password. Put it in the root directory of WordPress to generate an encrypted password. Replace the user_pass field of wp_users data table with this password to modify the password.

< ? php

$password = 'abc';

global $wp_hasher;

if ( empty($wp_hasher) ) {

require_once( './wp-includes/class-phpass.php');

$wp_hasher = new PasswordHash(8, TRUE);

}

echo $wp_hasher-> HashPassword($password); >

however, there is an easier way to modify the password of a WordPress user, that is, directly change the user_pass field in the wp_users data table to a 32-bit md5(passowrd) to change the password to a password. This password form is of course not very secure, so when this user logs in at WordPress, the system will automatically change the MD5 password to a password beginning with $P$.

WordPress's password supporting simple md5 format makes it easier for users of other systems (such as Ucenter system) to integrate WordPress.

I hope I can help you!