PrestaShop Password Encryption Method & Notes about generating hash for PrestaShop Password

Written by Jigesh Raval on June 10, 2017

PrestaShop is my favorite eCommerce framework. I suggest it to all of my clients to use to for eCommerce purpose.

Here i’ll tell you which password mechanism PrestaShop use,

So right now, i am talking about latest PrestaShop version which is 1.7 but normally PrestaShop has same mechanism deployed in PrestaShop 1.5 and later, yes before they were using plain MD5 and now Presta is using bcrypt which is more secure.

In current version they use class ‘Hashing’ which is located in root/src/Core/Crypto/Hashing.php

Of course, PrestaShop obviously use its ‘_COOKIE_KEY_’ as a salt to the password and pushing application towards safety.

PrestaShop has introduced Tools::hash method and i am unsure of its usage because it just return MD5 of plain text and salf of application’s cookie key.

PrestaShop Password Encryption:

If you ever need to generate password hash manually first add following line at top of your file,

If you need help about how to generate hash in external mobile or desktop or any other application, feel free to write in comment box below.

For any other help, discussion, knowledge sharing, kindly put your comments. Your comments and feedback are valuable to me.

Keep learning…!