Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.

How to change the cryptography of users passwords?

+3 votes
asked Jan 30 in Q2A Core by Phillipe Tramontano

The default cryptography is SHA1, and I'd like to change to MD5 so I can integrate with another existing pages that require logins
Q2A version: 1.7.2
commented Jan 30 by pupi1985
Considering they are simply using MD5, then shouldn't it be easier to update the already existing pages?

Also note that in v1.8 the password encryption will change. Take a look at this function http://php.net/manual/en/function.password-hash.php . If your PHP version supports it then Q2A will use it and replace your old passwords. Otherwise, it will fallback to the v1.7.x and below password encryption method.

This question might be relevant: http://www.question2answer.org/qa/30100

1 Answer

+1 vote
answered Jan 31 by Scott
It's not clear exactly what you're trying to do, but I can't see any reason why switching to md5 would help you.

md5 is much less secure than sha1, and as pupi said we're switching to bcrypt in Q2A 1.8 because sha1 is also quite insecure nowadays.

If you need to use Q2A logins on custom pages outside of Q2A you can use Q2A functions to do so. See here for details and examples: http://docs.question2answer.org/code/external/

If you need to use some login code from an external app or other system, check out the Single Sign On feature: http://docs.question2answer.org/install/single-sign-on/