[wordpress插件] Drupal Password EncryptionDrupal密码加密

wordpress 插件 文章 2020-04-22 13:11 0 256 全屏看文

The Drupal Password Encryption plugin enables support for Drupal’s password encryption algorithms.


A password encryption algorithm is the method is used to secure a password when preparing to save it to the database, such as when registering a new user account, changing a password, or checking if a password is correct when logging in.<



/ p>

This plugin is most useful for users imported from a Drupal website.


Users’ passwords can be migrated (with no processing) from Drupal’s users.pass database column to WP’s wp_users.user_pass column.

用户的密码可以从Drupal的 users.pass 数据库列迁移(无需处理)到WP的 wp_users.user_pass 列。

Then, once the plugin is activated, users can login to the WP website using the same password they used to login to the Drupal website, without needing a password reset.


This plugin is also useful to simply enable stronger password encryption in WordPress.


Once this plugin is activated, any existing WP user (that was not migrated from Drupal) will still be able to login using their same password.


This is possible because phpass is one of several algorithms that Drupal supports.


(phpass is WP core's default password encryption algorithm.) However, until the user changes or resets their password,

phpass 是WP Core的默认密码加密算法。)但是,在用户更改或重置密码之前,

it will remain encrypted using phpass.


The plugin works by overriding WP's pluggable functions wp_hash_password() and wp_check_password() to invoke the equivalent functions in Drupal 7's password.inc, which is included with the plugin's files.

.org / api / drupal / includes%21password.inc / 7“ rel =” nofollow“> Drupal 7的 password.inc ,包含在插件的文件中。

This plugin may work on earlier versions of WordPress.


Please share your findings if you try it.



    1. Upload the drupal-password-encryption/ directory to wp-content/plugins/drupal-password-encryption/.
    2. drupal-password-encryption / 目录上传到 wp-content / plugins / drupal-password-encryption /

    3. Activate the plugin through the ‘Plugins‘ menu in WordPress.
    4. 通过WordPress中的“ 插件”菜单激活插件。

    5. Sleep more peacefully, knowing that if your database becomes compromised it will be significantly more difficult for a hacker to retrieve any passwords that are set or updated between now and when the database is compromised.
    6. 更安心的睡眠,因为知道您的数据库被破坏了,对于黑客来说,检索从现在到数据库被破坏之间设置或更新的所有密码的难度将大大增加。

    7. Optionally, import users from a Drupal website, migrating users.pass in the Drupal website’s database to wp_users.user_pass in the WP website’s database.
    8. (可选)从Drupal网站导入用户,将Drupal网站数据库中的 users.pass 迁移到WP网站数据库中的 wp_users.user_pass

    9. Optionally, change the password of any user account whose security is more important, such as administrators.

    10. (可选)更改安全性更重要的任何用户帐户(例如管理员)的密码。

      You can change it to the same password.

    11. 您可以将其更改为相同的密码。