security

How Joomla generates passwords for registration

If you need to generate a Joomla friendly password within your Joomla component, then use the following function:

private function generatePassword($pw)
{
     $salt = JUserHelper::genRandomPassword(32);
     $crypted = JUserHelper::getCryptedPassword($pw, $salt);
     $password = $crypted.':'.$salt;
     return $password;
}

Simply pass in the password the user has chosen to return an encrypted password that you can store in a database, recognisable by the standard Joomla login system.  The function will return a Joomla password.

If you wish to generate a random password rather than rely on user’s submission, try this:

$pw = substr(md5(rand()), 0, 7); //7 character random string - courtesy of stackoverflow.com
 Scroll to top