Sugar uses MD5 hashing for storing password data in the backend database. This works fairly well, as MD5 is a well understood algorithm that is implemented in just about every programming language, as well as on the database side. There's just one issue: MD5 isn't the most secure algorithm out there.
So starting with Sugar 6.5, we are using PHP crypt on top of this to store each password as a hashed string. This provides greater security for the passwords stored in the database. It also brings up some questions on administration, so here are the most common ones and the answers to them…
How do I move over from MD5 password storage to the new crypted storage?
This will happen transparently when a user's password is changed, and is not done during the upgrade process. If you want to move over all of your passwords to the new crypt storage, the best bet is to use the password management feature to expire everyone's password after a period of time, which will force them to change their password and move to the new crypt storage.
Can I still use MD5 passwords? I’m used to that and can easily administer passwords in the database using just MD5.
Sugar will still recognize passwords stored in MD5 format, but any time a password is changed it will be converted to the newer format. Unless a very old PHP build (5.2) is used on a system where the better crypt() is not available, new passwords will use a salted hashing algorithm.
How will I know a user has converted over to the new crypted passwords?
Crypted passwords will be stored in the database prefixed by a dollar sign ($).
Can I update the passwords to store them in a new format outside of Sugar?
Yes, you can use the same method we do for this:
There are similar libraries for other languages, such as passlib for Python, which should work as well.
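As an added illustration of the two storage formats described above (this is example code written for this page, not Sugar's own implementation), the following PHP tells a legacy MD5 entry apart from a crypt() entry by the leading "$", verifies a password against either, and produces a salted SHA-512 crypt hash that can replace a legacy one. It assumes PHP 7 or newer for random_bytes() and scalar type declarations; the function names and the demo password are constructed for this example.

```php
<?php
// Added example, not SugarCRM code. Assumes PHP >= 7.0.

// Sugar stores crypt() output with a leading "$"; legacy entries are
// the 32 hex characters produced by md5().
function is_crypt_hash(string $stored): bool
{
    return $stored !== '' && $stored[0] === '$';
}

// Build a salted SHA-512 crypt hash. "$6$" selects SHA-512 in crypt();
// the salt is limited to 16 characters from the set [./0-9A-Za-z].
function hash_password(string $password): string
{
    $raw  = base64_encode(random_bytes(12));          // 16 chars, no padding
    $salt = substr(strtr($raw, '+/', '..'), 0, 16);   // map to allowed chars
    return crypt($password, '$6$' . $salt . '$');
}

// Verify against whichever format the stored value is in.
function verify_password(string $password, string $stored): bool
{
    if (is_crypt_hash($stored)) {
        // crypt() re-reads algorithm id and salt from the stored hash,
        // so the comparison is constant-time via hash_equals().
        return hash_equals($stored, crypt($password, $stored));
    }
    // Legacy MD5 row: unsalted, so just compare digests.
    return hash_equals($stored, md5($password));
}

// Returns [ok, replacement]; replacement is non-null only when the
// password matched a legacy MD5 entry and a crypt hash should be written back.
function verify_and_upgrade(string $password, string $stored): array
{
    if (!verify_password($password, $stored)) {
        return [false, null];
    }
    return [true, is_crypt_hash($stored) ? null : hash_password($password)];
}

// Constructed demo values.
$legacy = md5('Sugar123!');                       // what an old row looks like
[$ok, $upgraded] = verify_and_upgrade('Sugar123!', $legacy);

var_dump($ok);                                    // bool(true)
var_dump($upgraded !== null && is_crypt_hash($upgraded)); // bool(true)
var_dump(verify_password('Sugar123!', $upgraded)); // bool(true)
var_dump(verify_password('wrong-pass', $upgraded)); // bool(false)
var_dump(verify_and_upgrade('Sugar123!', $upgraded)[1] === null); // bool(true): already upgraded
```

The same detection rule (leading "$") is what lets you audit a user table for accounts that have not yet been converted: rows whose stored value does not begin with "$" are still MD5 and will be rewritten on the user's next password change.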