[Zope] acl_users and encrypted passwords

Peter Bengtsson peter at fry-it.com
Fri Aug 7 11:10:14 EDT 2009

No, it's different every time.

Consider this::

    def _doAddUser(self, name, password, roles, domains, **kw):
        """Create a new user"""
        if password is not None and self.encrypt_passwords:
            print "\tself._encryptPassword('word')=",
            print "\tself._encryptPassword('word')=",
            print "\tself._encryptPassword('word')=",

When running this you get this output::

 	self._encryptPassword('word')= '{SSHA}dxZSdvO5CiaMbDuCC0mAreI0R6nqc5RyYFGo'
	self._encryptPassword('word')= '{SSHA}pup1PWzONwMnGXk/itXd6rhySF8MOuI57SO6'
	self._encryptPassword('word')= '{SSHA}HGRxMfi9J7uGK8tfHvuMWfIbNghvu+Z2hb7a'

2009/8/7 Andreas Jung <lists at zopyx.com>:
> On 07.08.09 16:26, Peter Bengtsson wrote:
>> When you encrypt your passwords in an acl_users User Folder, is there
>> a way to check that the old password is correct?
>> I'm building an app that allows the user to change her password with
>> the usual form of:
>>   Old: ________
>>   New: ________
>>   Confirm: ________
> You has the 'old' password using the same algorithm and compare it
> against the stored password hash. Look the AccessControl API of Zope.
> -aj
> _______________________________________________
> Zope maillist  -  Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://mail.zope.org/mailman/listinfo/zope-announce
>  http://mail.zope.org/mailman/listinfo/zope-dev )

Peter Bengtsson,
work www.fry-it.com
home www.peterbe.com
hobby www.issuetrackerproduct.com
fun crosstips.org

More information about the Zope mailing list