getDigestHash() deprecated


getDigestHash() deprecated

SkipDever
HashCrypt.getDigestHash() has been deprecated in favor of cryptPassword
which uses a salt.  That is a good thing.

I am upgrading a 9.x OFBiz version to 12.04.  We have hundreds of old
unsalted passwords in the db.  Is there a service to replace these old
unsalted password hashes with the new salted ones?

Thanks

Skip


Re: getDigestHash() deprecated

Paul Foxworthy
Hi Skip,

Sorry, can't be done. A hashed password can't be decrypted, which is usually a good thing, so there is no way to retrieve the existing password, add a salt, and calculate the new hash. All I can suggest is you automatically set a starting password, and turn on the "Require Password Change", so they will enter a password the first time they sign on, which will be salted. The starting password should be different for each user, and you need to find a secure way of communicating it to them.

It really is better security once it's done, but it will be an annoyance during the transition to a newer OFBiz.

Cheers

Paul Foxworthy

SkipDever wrote
HashCrypt.getDigestHash() has been deprecated in favor of cryptPassword
which uses a salt.  That is a good thing.

I am upgrading a 9.x OFBiz version to 12.04.  We have hundreds of old
unsalted passwords in the db.  Is there a service to replace these old
unsalted password hashes with the new salted ones?

Thanks

Skip
--
Coherent Software Australia Pty Ltd
http://www.coherentsoftware.com.au/

Bonsai ERP, the all-inclusive ERP system
http://www.bonsaierp.com.au/
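
The reset described in the reply above, as an added example (not code from the thread or from OFBiz): each account still holding an unsalted hash gets its own random starting password, a fresh salted hash, and the require-password-change flag. `LoginRow`, the `{SHA}` and `$` prefixes used to tell old rows from new ones, and the PBKDF2 stand-in for `cryptPassword` are assumptions of this example.

```java
import java.security.SecureRandom;
import java.util.*;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
public class ForcedResetMigration {
    static final SecureRandom RNG = new SecureRandom();
    static final String ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789";
    // Hypothetical stand-in for one stored login row; not the OFBiz entity API.
    static final class LoginRow {
        final String userId; String storedHash; boolean requirePasswordChange;
        LoginRow(String userId, String storedHash) { this.userId = userId; this.storedHash = storedHash; }
    }

    // Per-user starting password drawn from a CSPRNG, so no two users share one.
    static String randomPassword(int length) {
        StringBuilder sb = new StringBuilder(length);
        for (int i = 0; i < length; i++) sb.append(ALPHABET.charAt(RNG.nextInt(ALPHABET.length())));
        return sb.toString();
    }

    // Stand-in for the platform's salted routine; PBKDF2 and the "$PBKDF2$salt$hash" layout are assumed.
    static String saltedHash(String password) throws Exception {
        byte[] salt = new byte[16]; RNG.nextBytes(salt);
        PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 100_000, 256);
        byte[] dk = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        Base64.Encoder b64 = Base64.getUrlEncoder().withoutPadding();
        return "$PBKDF2$" + b64.encodeToString(salt) + "$" + b64.encodeToString(dk);
    }

    // Replaces every unsalted hash; returns userId -> starting password for out-of-band delivery.
    static Map<String, String> migrate(List<LoginRow> rows) throws Exception {
        Map<String, String> toDeliver = new LinkedHashMap<>();
        for (LoginRow row : rows) {
            if (row.storedHash.startsWith("$")) continue;   // already salted: leave untouched
            String starting = randomPassword(16);
            row.storedHash = saltedHash(starting);          // the old unsalted hash is discarded
            row.requirePasswordChange = true;               // user must pick a new password at next sign-on
            toDeliver.put(row.userId, starting);
        }
        return toDeliver;
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample rows: two legacy unsalted values, one already salted.
        List<LoginRow> rows = Arrays.asList(
            new LoginRow("alice", "{SHA}<legacy-hex>"), new LoginRow("bob", "{SHA}<legacy-hex>"),
            new LoginRow("carol", "$PBKDF2$<salt>$<hash>"));
        // Only the user ids are printed; starting passwords go to the delivery channel, never to a log.
        System.out.println("reset: " + migrate(rows).keySet());
    }
}
```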