The below script is used on this website to make the old v9 passwords more secure.
If anyone ever obtains our database, the passwords are currently save enough against any attempt.
Use the below script on your own v10 website and modify it to your own liking.
You can also use it as reference for importing users+passwords from other systems without users ever need to request a new password.
MySQL > 5.5.6
SET auth_password = CONCAT('Dragonfly_Identity_v9pass:',SHA2(SUBSTRING(auth_password FROM 5), '256'))
WHERE auth_password LIKE 'md5:%'
public static function verify($plain, $password)
return \Poodle\Hash::verify('sha256', md5($plain), $password);
Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial
Last edited by DJ Maze on Mon Mar 02, 2015 10:50 pm; edited 1 time in total
Joined: Jun 29, 2004