Customer password not working after migration from Magento 1 to Magento 2

Question

I have migrated only customers from Magento 1.6.2.0 to Magento 2.2.3 and customers migrated successfully and listed properly in the admin section.

But when I try to login with the Magento 1 password I am not able to login.

So as I check in database the old passwords are stored differently than the Magento 2 passwords.

Here's a screenshot of the database table "customer_entity":

Basically I have found that when customer created from Magento 2 frontend there is a larger string after the first colon : and migrated passwords have only two character after the colon :.

Answer 1

"The data migration tool takes advantage of such backward compatibility in Magento to automatically migrate Customer password from Magento 1 to Magento 2. So your customers can use their md5() based password without the need to reset their passwords after migration. " Meaning they can log in with their md5 password ? I tried, to no avail.

Answer 2

After migrating database from magento1 to magento2, customer login problem occurs, to solve that problem just go to a file name encryptor.php in the vendor folder (Path is below) vendor\magento\framework\Encryption\Encryptor.php and change isValidHash() function like below.

        public function isValidHash($password, $hash)
       { 
          try { 

            $this->explodePasswordHash($hash);

           foreach ($this->getPasswordVersion() as $hashVersion) {

            if ($hashVersion == '0') {

                $recreated = current(explode(':', $hash));

            }else if ($hashVersion === self::HASH_VERSION_ARGON2ID13) {
                $recreated = $this->getArgonHash($password, $this->getPasswordSalt());
            } else {

                $recreated = $this->generateSimpleHash($this->getPasswordSalt() . $password, $hashVersion);
            }

            $hash = $this->getPasswordHash();
            error_log('password changing technique ======');
            error_log(print_r($recreated,true));
            error_log(print_r($hash,true));
        }
    } catch (\RuntimeException $exception) {
        //Hash is not a password hash.
        $recreated = $this->hash($password);
    }

    return Security::compareStrings(
        $recreated,
        $hash
    );
}

the above change wont cause any issue because once user login with above method, magento2 will change the password hash to its proper password format and you can see difference in customer_entity table in magento2 database.

Answer 3

I have created my own extension for customer migration and that was work perfectly with my Magento version: 2.2.4.

My logic: Taking Magento1 password and appending ":0" before inserting into Magento2 customer table.

Let me know if you need more info for same, I am happy to help the community!

Answer 4

I appreciate Shubanshu's answer, but as srokatonie stated below it you should never edit files directly in vendor folder.

Instead, create a custom module with an app/code/{CustomModuleVendor}/{CustomModuleNamespace}/etc/di.xml file in it with following content:

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
    <preference for="Magento\Framework\Encryption\Encryptor" type="{CustomModuleVendor}\{CustomModuleNamespace}\Enrcyption\Encryptor" />
</config>

And the app/code/{CustomModuleVendor}/{CustomModuleNamespace}/Encryption/Encryptor.phpfile:

<?php
namespace {CustomModuleVendor}\{CustomModuleNamespace}\Encryption;

class Encryptor extends \Magento\Framework\Encryption\Encryptor {
    const HASH_VERSION_LATEST = "1";

    protected $passwordHashMap = [
        self::PASSWORD_HASH => '',
        self::PASSWORD_SALT => '',
        self::PASSWORD_VERSION => self::HASH_VERSION_LATEST
    ];

    private $hashVersionMap = [
        self::HASH_VERSION_MD5 => 'md5',
        self::HASH_VERSION_SHA256 => 'sha256',
        self::HASH_VERSION_ARGON2ID13 => 'md5'
    ];

   /**
     * @inheritdoc
     */
    public function isValidHash($password, $hash)
    {
        try {
   
            $this->explodePasswordHash($hash);

            foreach ($this->getPasswordVersion() as $hashVersion) {

                if ($hashVersion == '0') {

                    $recreated = current(explode(':', $hash));

                }else if ($hashVersion === self::HASH_VERSION_ARGON2ID13) {
                    $recreated = $this->getArgonHash($password, $this->getPasswordSalt());
                } else {

                    $recreated = $this->generateSimpleHash($this->getPasswordSalt() . $password, $hashVersion);
                }

                $hash = $this->getPasswordHash();
                error_log('password changing technique ======');
                error_log(print_r($recreated,true));
                error_log(print_r($hash,true));
            }
        } catch (\RuntimeException $exception) {
            //Hash is not a password hash.
            $recreated = $this->hash($password);
        }

        return Security::compareStrings(
            $recreated,
            $hash
        );
    }

Make sure to replace all occurences of {CustomModuleVendor} {CustomModuleNamespace} with your module vendor and namespace.

This will use your class intance instead of the core one without changing vendor files (which would be lost when you update your magento framework).

More about using di.xml here