nightjarnz

in fact in this case, you've not downgraded, but rather removed security.

nightjarnz

downgrading security is always a terrible idea. Please don't do it.

nightjarnz

you can do this by setting the appropriate fields to that of the "locked out" state

nightjarnz

Assuming not all members will do this before migration happens, force them to run the "lost password" flow.

nightjarnz

@Wilson S force all users to set a new password by update Member set PasswordExpiry = '1970-01-01'

👍 (2)
Wilson S

class PasswordEncryptor_CakePHP extends PasswordEncryptor { function encrypt($password, $salt = null, $member = null) { if(function_exists(‘hash’)) { // Available in PHP 5.1+ only return hash(‘sha1’, $password); } else { // Fallback to global built-in methods return call_user_func(‘sha1’, $password); } } } PasswordEncryptor::register(‘cakephp’, ‘PasswordEncryptor_CakePHP’);