Customer password not working after migration from Magento 1 to Magento 2
07-01-2021
Question
I have migrated only customers from Magento 1.6.2.0 to Magento 2.2.3, and the customers migrated successfully and are listed properly in the admin section.
But when I try to log in with the Magento 1 password, I am not able to log in.
When I checked the database, I saw that the old passwords are stored differently from the Magento 2 passwords.
Here's a screenshot of the database table "customer_entity":
Basically, I have found that when a customer is created from the Magento 2 frontend there is a larger string after the first colon (:), and migrated passwords have only two characters after the colon (:).
Solution
As you might know, Magento 2 has changed the encryption model. It uses a new method of hashing passwords, sha256(), while Magento 1 uses MD5, which produces hash values of length n=128.
However, one thing to note is that Magento 2 still supports both the old md5() and sha256(). That means you can have both kinds of password_hash in your Magento 2.
The data migration tool takes advantage of this backward compatibility in Magento to automatically migrate customer passwords from Magento 1 to Magento 2. So your customers can use their md5()-based passwords without the need to reset them after migration. And the (migrated) customer passwords in Magento 2 remain 128-bit (16-byte) MD5 hashes. Such passwords will be changed to the sha256() hash algorithm if:
Your users change the password themselves on the new Magento 2 instance (after migration). Or,
You manually upgrade your password_hash using md5() to sha256() after migration, by running the command:
php -f bin/magento customer:hash:upgrade
If that does not work for you, then just empty the table (TRUNCATE) "customer_entity_varchar".
OTHER TIPS
After migrating the database from Magento 1 to Magento 2, a customer login problem occurs. To solve that problem, just go to the file named encryptor.php in the vendor folder (path is below), vendor\magento\framework\Encryption\Encryptor.php, and change the isValidHash() function as below.
public function isValidHash($password, $hash)
{
    try {
        // Split the stored value into hash, salt and version parts.
        $this->explodePasswordHash($hash);
        foreach ($this->getPasswordVersion() as $hashVersion) {
            if ($hashVersion == '0') {
                // Version 0 is the Magento 1 format: md5(salt . password).
                // Recompute it from the submitted password; taking the value from
                // the stored $hash here would let any password pass the comparison.
                $recreated = md5($this->getPasswordSalt() . $password);
            } elseif ($hashVersion === self::HASH_VERSION_ARGON2ID13) {
                $recreated = $this->getArgonHash($password, $this->getPasswordSalt());
            } else {
                $recreated = $this->generateSimpleHash($this->getPasswordSalt() . $password, $hashVersion);
            }
            $hash = $this->getPasswordHash();
        }
    } catch (\RuntimeException $exception) {
        // Hash is not a password hash.
        $recreated = $this->hash($password);
    }
    // Constant-time comparison of the recomputed and stored hashes.
    return Security::compareStrings(
        $recreated,
        $hash
    );
}
The above change won't cause any issue because once the user logs in with the above method, Magento 2 will change the password hash to its proper password format, and you can see the difference in the customer_entity table in the Magento 2 database.
I have created my own extension for customer migration, and that worked perfectly with my Magento version: 2.2.4.
My logic: taking the Magento 1 password and appending ":0" before inserting it into the Magento 2 customer table.
Let me know if you need more info on this; I am happy to help the community!
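The stored-hash layouts discussed in the question and answers, as an added example that is not part of any answer above and is not Magento's code: it parses a password_hash value, appends ":0" to a two-field Magento 1 value as the last answer describes, and verifies a login by recomputing the hash from the submitted password. Assumptions: the layout is digest:salt[:version] with version 0 = MD5 and 1 = SHA-256 over salt + password; the function names and sample rows are constructed for illustration.

```python
import hashlib
import hmac

# Version field values; assumed to match Magento 2's hash version numbering.
ALGORITHMS = {"0": "md5", "1": "sha256"}


def parse_stored(stored):
    """Split 'digest:salt[:version]'; version is None when the field is absent."""
    parts = stored.split(":")
    if len(parts) == 2:
        return parts[0], parts[1], None
    if len(parts) == 3:
        return parts[0], parts[1], parts[2]
    raise ValueError("unrecognised password_hash layout")


def add_md5_version(stored):
    """Append ':0' to a two-field Magento 1 value; leave versioned values alone."""
    _, _, version = parse_stored(stored)
    return stored if version is not None else stored + ":0"


def verify(password, stored):
    """Recompute hash(salt + password) from the submitted password and compare
    in constant time. The expected value is never taken from the stored digest."""
    digest, salt, version = parse_stored(stored)
    algo = ALGORITHMS.get(version)
    if algo is None:  # unversioned or unsupported (e.g. Argon2id): reject
        return False
    recreated = hashlib.new(algo, (salt + password).encode("utf-8")).hexdigest()
    return hmac.compare_digest(recreated.encode(), digest.encode())


# Constructed sample rows (not real customer data).
M1_ROW = hashlib.md5(b"aB" + b"old-secret").hexdigest() + ":aB"
M2_SALT = "0123456789abcdef0123456789abcdef"
M2_ROW = (hashlib.sha256((M2_SALT + "new-secret").encode()).hexdigest()
          + ":" + M2_SALT + ":1")

if __name__ == "__main__":
    for row in (M1_ROW, M2_ROW):
        fixed = add_md5_version(row)
        print(fixed.split(":")[1:], verify("old-secret", fixed), verify("wrong", fixed))
```

A verifier written this way accepts the migrated MD5 rows only when the submitted password actually matches, which is the property to check after any change to isValidHash().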