Upgrading Legacy Systems
Learn how to upgrade legacy systems.
We'll cover the following
How do you upgrade your existing system that has MD5 passwords with no salt?
I’m going to give you two options.
-
Path 1 - As each user logs in, silently upgrade their hash to use BCrypt. They won’t even know the difference. Soon enough, you will have a database of well-secured passwords.
-
Path 2 - Use BCrypt to hash the existing MD5 hashes in the database. New passwords will be hashed with MD5 first and then BCrypt.
Upgrade Path 1
Path 1 is the traditional advice for migrating to new authentication schemes. It is by far the best option in most circumstances. To implement, do something similar to this:
Get hands-on with 1400+ tech skills courses.