WordPress user password algorithm rules

The user password of the WordPress system is saved in the user_pass field of the wp_users data table. The password is generated through the Portable PHP password hashing framework class. The password is random and irreversible, passwords in the same plaintext are generated at different times and are relatively secure.

The WordPress User password generation process is that when you need to generate a user password, a random salt is generated, and then the salt and password are added, and the count md5 is performed again, finally, when the hash value of encode64 is accumulated, a password starting with $ P $ is obtained. The password is generated differently each time. The following code generates the WordPress Password, put it in the WordPress root directory, you can generate an encrypted password, replace this password with the user_pass field of the wp_users data table to change the password.

<? Php
$ Password = abc;
Global $ wp_hasher;
If (empty ($ wp_hasher )){
Require_once (./wp-DES/class-phpass.php );
$ Wp_hasher = new PasswordHash (8, TRUE );
}
Echo $ wp_hasher-> HashPassword ($ password );
?>

However, a simpler way to change the WordPress user password is to directly change the user_pass field of the wp_users data table to a 32-bit md5 (passowrd) to a password, such a password is not safe, so after the user logs on to WordPress, the system automatically changes the MD5 password to the password starting with $ P $.

WordPress supports Simple md5 passwords, making it easier for users of other systems (such as Ucenter systems) to integrate WordPress.