Skip to Content Skip to Menu

Security Concern: Admin Password Changed in Database with Format Inconsistency

  • mhs_cb
  • mhs_cb
  • OFFLINE
  • Posts: 53
  • Thanks: 0
  • Karma: 0
10 years 1 month ago #249345 by mhs_cb
Security Concern: Admin Password Changed in Database with Format Inconsistency was created by mhs_cb
I'm running Joomla 3.3.3.

All of a sudden, I am not able to log into my admin account on the front end or backend.

When I check the DB via PHPMyadmin and DB backups I discover that my password field is now different from previously.

And, that the format is different from everyone elses. Most users' passwords start with "$2y..." and some with "$P..." while mine starts with "y0/n...".

My question is, is there any reason Joomla would format my pw this way? If not, then the only other explanation is that something injected this new password into the DB directly. Should I be worried?

Is there a way to find out what, who, when, this field was edited int he database?

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48479
  • Thanks: 8283
  • Karma: 1443
10 years 1 month ago #249355 by krileon
Replied by krileon on topic Security Concern: Admin Password Changed in Database with Format Inconsistency
CB doesn't touch passwords. They're sent directly to Joomla API for encryption. Only reason for the format to change is the encryption method was changed in Joomla or maybe the password it self was changed. You can check the last updated column in _comprofiler, but that assumes the update was done using CB user edit.

Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
The following user(s) said Thank You: mhs_cb

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum