Dear All,
I need to authenticate users against an external database that is using base64 encoding, but from a quick check Moodle does not support it. Could anyone provide some guidance regarding how to set it up?
Regards,
George
Don't.
Using base64 to encode passwords is seriously irresponsible.
Switch to a proper password hash algorithm like bcrypt.
Hello George, I second Mr Hunt's suggestion. Base64 is not secure and you are putting your data at risk. Base64 is an encoding format and not an encryption format. Any script kiddie could get to your data with extremely minimal effort.
That said, if you are dealing with a legacy system and you have no way around it, you will need to create an authentication plugin (which should require minimum coding to be honest given you are dealing with Base64 encoding) , but again I cannot stress enough that this is a terrible idea.
Regards
Ravi
Hi George
I don't understand the question: Do you mean the external database stores the passwords encoded in Base64? [1]
That would be very unusual. In the simplest password scheme, only a (cryptographic) hash value [2] of the password is stored. These functions are known to be irreversible.
[1] https://en.wikipedia.org/wiki/Base64
[2] https://en.wikipedia.org/wiki/Cryptographic_hash_function
I don't understand the question: Do you mean the external database stores the passwords encoded in Base64? [1]
That would be very unusual. In the simplest password scheme, only a (cryptographic) hash value [2] of the password is stored. These functions are known to be irreversible.
[1] https://en.wikipedia.org/wiki/Base64
[2] https://en.wikipedia.org/wiki/Cryptographic_hash_function