https://www.ory.sh/ logo
#talk-kratos
Title
# talk-kratos
t

thankful-electrician-54953

04/22/2022, 10:36 AM
We are currently using md5 authentication for user login via sessions in one of our services and we would like to switch to using ory for authentication. It is posible to migrate existing users and passwords without the need to change user credentials and preserve the md5 hashed passwords?
m

magnificent-energy-493

04/22/2022, 1:06 PM
Hello Thomas, yes we have recently added this feature: https://www.ory.sh/docs/guides/manage-identities/import-identity#importing-credentials You can even import social sign in connections This works in the managed Ory Cloud or when selfhosting Ory Kratos.
s

steep-lamp-91158

04/22/2022, 2:16 PM
I think md5 is currently not implemented, but it would be good as a read-only option to allow importing
this would be done similar to how pkbdf2 works right now: https://github.com/ory/kratos/pull/1774
s

shy-dinner-46488

04/24/2022, 8:06 AM
Hi @User Is there an open ticket where we can track the progress for adding md5 import support? Thanks!
s

steep-lamp-91158

04/24/2022, 8:15 AM
The only mention of md5 I could find is in https://github.com/ory/kratos/issues/605 There, @User suggests we should not add legacy hashing algorithms However as the issue is already a bit older, we might want to reconsider this statement. An alternative solution I see is to allow external custom hashers implemented as an (HTTP) RPC So please open a new issue and we can discuss this there
s

shy-dinner-46488

04/24/2022, 9:32 AM
Thank you @User I have created a new issue fyi https://github.com/ory/kratos/issues/2422
👍 1
t

thankful-electrician-54953

04/26/2022, 6:16 AM
I really like the auth0 approach. But I would rather if the login script lived in an external API instead of an external database (it would be more abstract/generic)
Copy code
When a user authenticates via a custom database connection marked for import to Auth0, the following process takes place:

Auth0 authenticates migrated users against the Auth0 database.
If the user has not been migrated, Auth0 executes your custom login script and, upon successfully log in, adds the user to the Auth0 database.
Subsequent logins result in the user's credentials retrieved from Auth0, NOT your custom database.
New users are automatically added to the Auth0 database.
3 Views