Migrate passwords from mysql md5 to meteor

hassansardarlecodeur · April 1, 2020, 5:21pm

I have a system build on php and mysql.
Here I have stored passwords as md5 in mysql.

Now i have build same system on Meteor.

I need to migrate users from mysql to meteor mongodb.

As meteor uses different sort of encryption for passwords so how can I convert md5 passwords to work with Meteor?

znewsham · April 1, 2020, 6:49pm

I had a similar problem with a project a few years ago, we found there were two (related) options.

First, you have to store the md5 passwords in mongo associated with the user - if you want to re-hash them, you can. Second you must implement a custom login function, that will send the md5 hash of the password to the server.

Then you have two options:

in addition to the md5 hash, also send the sha256 + bcrypt hash with it. First try to match on sha256 version, then on md5 version. If you find a match on the md5 version of the password, set the sha256 + bcrypt version and delete the md5 version.
if the user logs in with an md5 password match, force them to change their password right after