Jump to content
thirty bees forum

TB Login security / MD5 hash - user


Recommended Posts


We have been running over the security of ThirtyBees. And we did see as many of you know, PS1.6/TB are running on a very old MD5Hash solution for its passwords. And thats simply not good. 

We have been looking into what to do about this, and what we have found and the only thing we seems to find, is that we need to recode all of the password section or use a other auth system. 

Here we have been looking into firebase Authentication, its the same that Prestashop uses for their addons. I seem to have found some kind of "code" for it : https://github.com/PrestaShop/firebaseauthenticator

We have found a few other services like the auth0.com and others but no native module for PS/TB.

What do you other do.?
Is their a plan for TB to create a better system.? 

Link to comment
Share on other sites

tb is not using md5 for oassword hashing. It is using password_hash function instead, that's quite secure solution.

If you have migrated from ps16 some of the accounts might still be using md5, but after first login their password will be automatically rehashed using password_hash function.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...