How is user_pass generated? |


I want to understand how user_pass is generated. I read that wordpress is using MD5.

So if i generate a MD5 of ‘test’ i got ‘098f6bcd4621d373cade4e832627b4f6’ as MD5. WordPress stores ‘$P$BNTXQG1xSwomxndVt23Yvqr0ThCoUN0’.

Of course, if i paste ‘098f6bcd4621d373cade4e832627b4f6’ into the database manually, i can login with ‘test’ as password.

But how is ‘$P$BNTXQG1xSwomxndVt23Yvqr0ThCoUN0’ generated? I cannot find an explanation i undestand – maybe i am too dumb for that or whatever… is it “somesalt” + ‘test’ and a MD5 of the new string?

I haven´t figured it out yet…. can anybody help me to understand this?

Source link