What is the default encryption for openfire because from what ive seen its not MD5.
For example is i use the password: 123456 this is hashed as: 2cff25abd653e05b0075ef57d8437fb14810492bd4f656e8 and then i convert 123456 using a php md5 hasing program and it returns: e10adc3949ba59abbe56e057f20f883e
Is there anyway i can switch the system to use MD5 as all my efforts have failed. I tried:
as far as I can tell the md5 implementations of PHP an Java are the same but the string you hash may be encoded different.
Take a look at http://www.webtoolkit.info/javascript-md5.html and try to verify if the Javascript hashes match your PHP hashes or not. It may help to comment the “string = Utf8Encode(string);” line within the code if your PHP code does not use UTF8.
Java uses UCS-16 internally to store strings but I have no idea of Openfire uses UTF-8 or UCS-16 while creating the md5 hash.
Openfire uses Blowfish, an symmetric encryption algorithm.
A hash function like MD5 or SHA-1 is an one way function, so it is not possible (*) to decrypt a hashed password. But to support an deprecated protocol Openfire needs decryption.
(*) It is possible to decrypt short passwords that are hashed if no “salt” is used. This is possible through “rainbow tables” and takes a few hours.
the Openfire database does indeed not use MD5. But Openfire can also access external databases (read-only) for user accounts and supports in this configuration plain or md5 passwords.
If you already have user in your database, you no longer worried about openfire algorithm. openfire will obtain Your current user and password as read only. so, you may need create your own registration user script