How can I change the default wordpress password hashing system to something custom?

1 Views

Can I change the default wordpress password hashing system by overriding the wp_hash_password function from plugin?

If yes, then what will happen to old stored passwords in DB? How will they be validated for login?

Post Views: 1

Related posts

Leave a Reply

1 comment

  1. Just figured it out. So thought to leave the solution here, if someone else need it:

    To change the default hashing system, need to overwrite wp_hash_password() function: (can be done in a plugin)

    if ( !function_exists('wp_hash_password') ){
    function wp_hash_password($password) {
                //apply your own hashing structure here
            return $password;
    }
}

    Now you will need to overwrite wp_check_password() to match your hashing structure: (can be done in a plugin as well)

    if ( !function_exists('wp_check_password') ){
    function wp_check_password($password, $hash, $user_id = '') {
            //check for your hash match
            return apply_filters('check_password', $check, $password, $hash, $user_id);
            }
}

    Please check wp_check_password