Get password when user registers and save it sha1 into database

The question:

im working on a website where the users can connect with iphone to some functions of it by using a sha1 encrypted password. In other words the plain password of wordpress encrypted in sha1.

In the past i did the silly thing of editing the core files of wordpress to get the password when the user register and save that password in sha1 on the wp_users table.

Of course my client updated wordpress and all the functions were lost. Yeah im stupid, im not sure what i was thinking that day.

There is any way to hook to the register function to get the password , encrypt it in sha1 format and storeit in the database from the functions.php file of my theme?

Any ideas?

The Solutions:

Below are the methods you can try. The first solution is probably the best. Try others if the first one doesn’t work. Senior developers aren’t just copying/pasting – they read the methods carefully & apply them wisely to each case.

Method 1

Have a look at Pluggable Functions in /wp-includes/pluggable.php. You can safely replace the password generating/checking functions with your own.

Method 2

You can hook into wp_check_password(), which does this at end:

return apply_filters('check_password', $check, $password, $hash, $user_id);

If $check is true then $password is current valid pass for $user_id.

Note that this will only work next time specific user logins. You can’t just retrieve plan text passwords for all accounts.

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Comment