I could not decode your hash value to match the password. Could you provide a screenshot of the error?
In addition, does this happen with all imported users? Can they log in after changing password?
BTW, I tried with bcrypt and it’s working fine. Below is my scripts. This could be an alternative solution if you want to bulk import users with password.
I’m facing the same issue where password change is required. It’s happening for all my users. This is an example user with the original password “password”:
{
“email”: “bobtesting@dw.com”,
“email_verified”: true,
“custom_password_hash”: {
“algorithm”: “pbkdf2”,
“hash”: {
“value”: “$pbkdf2-sha256$i=150000,l=8$OUNDYTdwc2M$OGMxMTczY2QyYWYxOGIyOWM4ZTkxODJkNDcxZTE4MTNhZGM5NTljM2M3NDkwMjQzNzMwMmU1MDdkMjVmMzZiMA”,
“encoding”: “utf8”
}
}
}
Hi @lihua.zhang, i tried importing what you pasted above and the migration is successful, but im still seeing the banner that says “password change is required” when i try and log in with “password”.
I also suspect that ive been using the wrong keylen, i think it should be 32, but im still facing the same issue even when i update that value.
Hi, I actually figured out my own issue which was that i needed to convert the stored hex hash in my personal database to binary data with binascii.unhexlify, before then converting it to b64. This seemed to fix the problem for me. It works now, with a keylength of 32.