Yes, I saw your posts on Aprelium's forum.
Don't know what kind of problems you encountered, but I tried the firsts implementations of a Base64 encoding and MD5 digest I found here in the forum and/or on PBCrypto and got the right hashes.

So, Mike, going back to your message, I think you'll not have any problems doing a mass passwords change, if you ever need it.

Bye!

Yup, it sure it. I pass my info to the app Aprilum provided, I get a working password back.

?
It's actually very straight forward, like I posted above.

Let's say you have a user "joebyrne" with password "christian".

You start from a string like: "joebyrne:christian"
Then base64-encode it and get: "am9lYnlybmU6Y2hyaXN0aWFu"
Then get its MD5 hash: "b71b4d19bd39709cace269d39e81c169"

That's the string that endup in the .conf file.
Parsing the XML file and replacing the passwords is a quick job.
Even simpler, the XML parsing step can be safely bypassed tout court.

Bye!

Mike,

I have discussed the whole user account thing with Aprelium in great detail. I have a number of sites that have 200+ user accounts which is simply not practical to maintain via the Abyss web panel.

They were VERY good at giving me the info I needed to manipulate the XML files, but the passwords continued to be a problem. They they wrote an executable for me that allowed me to pass a string and get a properly encrypted password back.

So, I would suggest contacting them and seeing what they can offer you as a stop-gap to the next release. I don't have any idea when it will be, but one of the major improvements in version 3.0 is a rewritten user database and site configuration method. My guess is that they'd have 3.0 ready this year, but I'm not "in the know" about that one.

The string of hex digits you see in the configuration file is obtained starting from a "user:password" string, base64 encoding, then geting the MD5 hash.
In php:
Bye!