Unable to reset password if hashing method is not available.
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	Mnkras
	Aug 21 2014, 12:50 AM

Description

If a hashing method that was used to hash a password is not available then it is impossible to reset a password via the web interface (even with forgot password)

The current solution is to null the passwordHash field in mysql or possibly use the accountadmin tool.

I ran into this situation somehow where I installed phab on PHP 5.4 (no bcrypt) yet somehow the admin's password was hashed using bcrypt. When attempting to login or change the password it is not possible to change the password as an exception is being generated that bcrypt is not available and to upgrade PHP.

Revisions and Commits

rP Phabricator
	D10325	rPd122d9ec86a8 Allow users to recover from a missing password hasher

Event Timeline

Mnkras created this task.Aug 21 2014, 12:50 AM

Mnkras raised the priority of this task from to Normal.

Mnkras updated the task description. (Show Details)

Mnkras added a project: Phabricator.

Mnkras updated the task description. (Show Details)

Mnkras added a subscriber: Mnkras.

epriestley added a revision: D10325: Allow users to recover from a missing password hasher.Aug 21 2014, 4:50 PM

Closed by commit rPd122d9ec86a8.

Unable to reset password if hashing method is not available.Closed, ResolvedPublicActions

Description

Revisions and Commits

Event Timeline

Unable to reset password if hashing method is not available.
Closed, ResolvedPublic
Actions