Password not syncing

  • luismotv77

    (@luismotv77)


    1 year ago

    Hello,

    I’ve installed the plugin on both sites and confirmed that user synchronization is working, except for passwords. All other user data is transferring correctly.

    In the main site I have this configuration:

    https://snipboard.io/60EQJa.jpg

    In the secondary site I have this configuration

    https://snipboard.io/c1lJZF.jpg

    Please let me know if I can provide more information.

    Kind regards.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Pablo Hernández (OtakuPahp)

    (@otakupahp)

    1 year ago

    I have the same error. Could it be because WP is no longer using MD5 to hash passwords??

    Plugin Author Alexandre Froger

    (@frogerme)

    1 year ago

    Hello,

    I have tested with the following steps (with actions create, update, password, login, logout on both sites):
    – create a user on site A, with [password 0]
    – user is created on site B, with [password 0], and login on site B and site A successfully
    – change password to [password 1] on site B, logout
    – login on site A with the [password 1] successfully
    – change password to [password 2] on site A, logout
    – login with [password 2] on site B successfully
    – delete the user on site A, successfully deleted on site B

    I then changed and tested according to the provided screenshots:
    – site A: create, update, password, login, logout
    – site B: login, logout
    – created a user on site A with [password 0] – and login on site B and site A successfully
    – changed password to [password 1] on site A, logout
    – login with [password 1] on site B successfully

    Please advise how to replicate the issue.

    Plugin Author Alexandre Froger

    (@frogerme)

    1 year ago

    I have the same error. Could it be because WP is no longer using MD5 to hash passwords??

    if ( ! function_exists( 'wp_hash_password' ) ) {
    	function wp_hash_password(
    		#[\SensitiveParameter]
    		$password
    	) {
    		global $wp_hasher;

    		if ( version_compare( $GLOBALS['wp_version'], '6.8', '<' ) ) {

    			if ( empty( $wp_hasher ) ) {
    				require_once ABSPATH . WPINC . '/class-phpass.php';

    				$wp_hasher = new PasswordHash( 8, true ); // @codingStandardsIgnoreLine
    			}

    			do_action( 'wprus_password', $password );

    			return $wp_hasher->HashPassword( trim( $password ) );
    		}

    		if ( ! empty( $wp_hasher ) ) {
    			do_action( 'wprus_password', $password );

    			return $wp_hasher->HashPassword( trim( $password ) );
    		}

    		if ( strlen( $password ) > 4096 ) {
    			do_action( 'wprus_password', '*' );

    			return '*';
    		}

    		$algorithm = apply_filters( 'wp_hash_password_algorithm', PASSWORD_BCRYPT );
    		$options   = apply_filters( 'wp_hash_password_options', array(), $algorithm );

    		do_action( 'wprus_password', $password );

    		if ( PASSWORD_BCRYPT !== $algorithm ) {
    			return password_hash( $password, $algorithm, $options );
    		}

    		$password_to_hash = base64_encode( hash_hmac( 'sha384', trim( $password ), 'wp-sha384', true ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode

    		return '$wp' . password_hash( $password_to_hash, $algorithm, $options );
    	}
    }
Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Password not syncing’ is closed to new replies.