Hi when a user registers on joomla3.2 via CB 1.9.1 the registration username and password they supplied does not allow them to login.
I checked the jos_users table and sure enough the supplied password for the test user was hashed to md5 but no salt -e.g. fb64dae0fcd9a7ef125618f5552b0f53
An admin has to go in to their profile in the backend and change their password to allow them to login.
How can i ensure CB add the salt to the password on registration?
Ok the solution to this is to enable strong password encryption on Joomla 3.2
When you install it you get the post installation message:
As a security feature, Joomla 3.2 allows you to switch to strong password encryption.
To turn strong passwords on click on the button below. Alternatively you can edit the User - Joomla plugin and change the strong password setting to On.
Before enabling you should verify that all third party registration/login, user management or bridge extensions installed on your site support this strong password encryption.
Make sure its turned on or CB registration wont work
