Cloud Platform
How to check if Drupal user password is well hashed
Drupal login is not recognizing a password of a user.
One possible reason is the password could be store with a wrong hash.
To verify if the password is store with a valid hash you will need to use a module called drop_the_ripper.
After the module is installed and the code is deployed, SSH in the server and create a file adding the password of the user you want to test.
For example file:
echo "1234567Aa" > /mnt/tmp/password.txtTo test run the following command in site docroot:
site.env@server-xxxxxx:/var/www/html/site.env/docroot$ drush dtr --uid=[user-id] --wordlist=/mnt/tmp/password.txtIf the drop_the_ripper module do not find the password you will see a output like this:
Users to check: 1 [success]
Ran 5 password checks for 1 user(s) in 0.25 seconds. [success]If drop_the_ripper managed to find it, the output should be something like this
Users to check: 1 [success]
Match: uid=[id-user] name=[user-email] status=1 password=1234567Aa [success]
Ran 5 password checks for 1 user(s) in 0.25 seconds.This way you could verify if the hash is valid.
Cloud Platform