StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
13648533
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2012-11-30T15:51:56.247
FavoriteCount
0
LastActivityDate
2012-12-20T16:15:22.333
LastEditDate
2012-12-20T16:15:22.333
LastEditorUserId
722112
OwnerUserId
722112
ParentId
13643618
PostTypeId
2
Score
11
ViewCount
0
LastEditorDisplayName
text
Body
Hashes are one way encryption. You're not supposed to be able to decrypt the password. Basic operations for passwords: <ol> <li>The customer signs up for an account and enters a password. The system adds a salt, encrypts the password and stores the resulting password hash in the database.</li> <li>The customer logs in, enters the password. The system adds a salt, encrypts the password and compares the generated password hash with the stored password hash. When the hashes are equal, the login system knows the customer knows the password without actually knowing the password itself.</li> </ol> So, if one system uses SHA1 and another uses old, expired MD5, the only way you can get the password back into the system is to have the customer reenter the password so the new hash algorithm gets invoked and the new hash gets stored. You have the Enterprise source code, write a module that uses the Enterprise hashing function to store and compare the passwords and you'll have CE with an updated, security enhanced method to store passwords and should be able to bring the password hashes over from the old site. Some additional information: The encryption method used is found in the Mage_Core_Model_Encryption class. Three functions of interest are: <ol> <li><code>public function hash($data)</code></li> <li><code>public function getHash($password, $salt = false)</code></li> <li><code>public function validateHash($password, $hash)</code></li> </ol> Function Code From 1.7.x.x > <pre><code>public function hash($data) { return md5($data); } </code></pre> > <pre><code>public function getHash($password, $salt = false) { if (is_integer($salt)) { $salt = $this->_helper->getRandomString($salt); } return $salt === false ? $this->hash($password) : $this->hash($salt . $password) . ':' . $salt; } </code></pre> > <pre><code>public function validateHash($password, $hash) { $hashArr = explode(':', $hash); switch (count($hashArr)) { case 1: return $this->hash($password) === $hash; case 2: return $this->hash($hashArr[1] . $password) === $hashArr[0]; } Mage::throwException('Invalid hash.'); } </code></pre> It appears that both CE and Enterprise use the same routines, you will have to check that out as you have the Enterprise code. Changing the Encryption Key in your app/etc/local.xml file to match the key in your Enterprise version and then importing the Enterprise data into the CE datapbase will allow access to encrypted data. Passwords, though are stored as hashes (see above function blocks) and non-reversible due to that. The pertinent section in local.xml where the encryption key is stored: <pre><code><crypt> <key>< ![CDATA[-encryption-key-here-]]></key> </crypt> </code></pre>
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POHow to decrypt magento enterprise edition password?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USFiasco Labs
UserOwnerUserId
1. USFiasco Labs
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.