AbleCommerce Shopping Cart Software

Hi,

I am currently using Ablecommerce 7.0.4.

I have read somewhere on the forums that AC encrypts user passwords in Base64 however on the help.ablecommerce site the password policy states that passwords are encrypted using SHA1 hash.

Please can someone confirm the exact password encryption policy so that I know what format I am exporting passwords in?

Please also let me know what additional information would be required to import the user passwords into a new CMS database system I am using (e.g. is salt required etc)?

Any help would be greatly appreciated.

Thanks and regards,

Tony

You can encrypt password for ablecommerce like this

tonygets wrote:Hi,

I am currently using Ablecommerce 7.0.4.

I have read somewhere on the forums that AC encrypts user passwords in Base64 however on the help.ablecommerce site the password policy states that passwords are encrypted using SHA1 hash.

Please can someone confirm the exact password encryption policy so that I know what format I am exporting passwords in?

Please also let me know what additional information would be required to import the user passwords into a new CMS database system I am using (e.g. is salt required etc)?

Any help would be greatly appreciated.

Thanks and regards,

Tony

Base64 is an encoding scheme whereas SHA1 is a hashing technique. They can not be compared together. From an encoded text you can recreate the original text. From a string hash you can not recreate the original text.

The default password format in AbleCommerce is SHA1, as documented in help.ablecommerce.com

Hi again,

We are having trouble with the salt of the ablecommerce passwords. We are trying to import the SHA1 passwords into our new CRM however we do not know what salt is being used.

How do we figure out what salt to use when we import the passwords into our new CRM system?

Any help is greatly appreciated.

Thanks.

Tony