Password Encryption and Hashing
In mojoPortal content management system you can configure on the Admin page whether passwords are stored as plain text, encrypted or hashed. This is not a setting that you want to change back and forth, if you start out with no encryption then change it to require encryption you will have locked out all your existing users until you reset their passwords, so once your site is configured with a custom machine key and smtp settings are configured so the site can send email, it is best to decide whether you will use encrypted or hashed passwords, make the configuration change in site settings and stick with the decision. See also the Post Installation Checklist.
Plain Text Passwords
When you install mojoPortal it defaults to plain text passwords, mainly to keep things simple for when you are first setting up your site and in case you forget the password and have not yet changed the admin user account to use your email address or have not yet configured smtp in which case your site cannot yet send any email. When using plain text passwords if all else fails you can lookup the password in the database in the mp_Users table in the Pwd field. When th efirst sitre is created after a new installation there is an admin user account created with the email address firstname.lastname@example.org and the password is admin. It is recommended that you change this account to use your own email address and a strong secret password. It is also recommended that you configure smtp settings so that your site is able to send email, that way if you forget your password you can use the password recovery system to have it send the password to your email address.
Encrypted passwords are the next level in password protection, passwords are stored in the database with sha512 encryption using a random 128 character password salt per user. The salt is just additional text that is concatenated with the password before encryption. This is so that if 2 users have the same password the encrypted value is still different so that passwords cannot be guessed by looking at the encrypted value in the database. Encrypted passwords can be decrypted so they still support password recovery. The machine key is used as part of the encryption so before changing to encrypted passwords you need to make sure you have established a custom machine key in web.config.
Hashed passwords use a one way sha512 encryption. That means it cannot be decrypted. When a user enters their password to login the value they enter is concatenated with the random 128 character salt of the user and then hashed and the hashed value is compared to the hashed value stored in the database, if it matches then the user entered the correct password. Since hashed passwords cannot be decrypted it is not possible to recover a hashed password if you forget it. In this case you can still use the password recovery system, but what will happen is that new random password will be created and sent to the user. For even greater security there is a setting in site settings to force a user to change their password after a password reset, that way the new password sent to the user in email is used only briefly, once the user is logged in they are forced to change their password again.
Created 2012-05-31 by Joe Audette