| Version 5 (modified by , 19 years ago) ( diff ) |
|---|
CookBook - Admin Tools - Firefox client-side password hash generator
Django admin expects users' passwords to be entered as SHA-1 hashes in the format [algo]$[salt]$[hexdigest]. Here is a tool which automates calculating the hashes on the client side.
What it does as of version 1.0 is:
- searches each opened page for an
<input>withid="id_password",class="vTextField required",name="password,size="30"andmaxlength="128", which is how the password field is defined in Django admin - when the password field loses focus, replaces its contents with a SHA-1 salted hash as Django expects
- does not modify field contents if it's already a hash
You need to
- use the Firefox browser
- install the Greasemonkey extension and restart Firefox
- install the djangopasswordhasher.user.js user script (click on the link: Greasemonkey should detect the script and display an "Install" button)
Pros:
- works on all standard Django admin sites
- nothing to install on the server side
Cons:
- needs the extension on the browser
- doesn't use a real password field -- password entry is visible
---
Note: Don't try to install the script using the attachments below. Use the remote link above instead. Admins should remove the attachments.
Attachments (2)
-
djangopasswordhasher.user.js
(3.5 KB
) - added by 19 years ago.
Version 1.0
-
djangopasswordhasher.user.js.txt
(3.5 KB
) - added by 19 years ago.
Maybe easier to install by looking at this in plain format.
Download all attachments as: .zip
Note:
See TracWiki
for help on using the wiki.