|Version 3 (modified by akaihola, 9 years ago) (diff)|
Django admin expects users' passwords to be entered as SHA-1 hashes in the format [algo]$[salt]$[hexdigest]. Here is a tool which automates calculating the hashes on the client side.
What it does as of version 1.0 is:
- searches each opened page for an <input> with id="id_password", class="vTextField required", name="password, size="30" and maxlength="128", which is how the password field is defined in Django admin
- when the password field loses focus, replaces its contents with a SHA-1 salted hash as Django expects
- does not modify field contents if it's already a hash
You need to
- use the Firefox browser
- install the Greasemonkey extension
- install the djangopasswordhasher.user.js user script
- works on all standard Django admin sites
- nothing to install on the server side
- needs the extension on the browser
- doesn't use a real password field -- password entry is visible
Note: Don't try to install the script using the attachments below. Use the remote link above instead. Admins should remove the attachments.