SolarWinds | Serv-U
Contact Support: 866-530-8040 | Contact Sales: 855-498-4154 or email | Show Flags | Login
Serv-U FTP Server Home Page
The Best for Less
Secure file transfer & share files
from anywhere - affordably

FREE for 14 Days
Full featured trial with secure
FTP, file sharing & web transfer


Manually Generating Encrypted Passwords  -  KB Article #1177

Related Articles --

To generate an encrypted password for insertion into an ODBC user database (ODBC -or- .ini file in the case of Serv-U 6.x), first two random characters (the 'salt' - in the range a..z, A..Z) are added to the beginning of the clear-text password. This is then hashed using MD5 and the resulting hash is hex-encoded. The result of this is written as plain-text starting with the 2 salt characters followed by the hex-encoded hash.

The algorithm works as below:

Action Result
Password is established TestPassword
2 salt characters are added to increase complexity cbTestPassword
Result is hashed using MD5 and displayed in hexadecimal 8EA58F0751BAA5AF391253F7DADD3D46
2 salt characters added to beginning of previous hash cb8EA58F0751BAA5AF391253F7DADD3D46

When verifying a user's password, Serv-U will do the same. It parses the salt from the user's stored password (i.e., "cb" in this case), prepends it the password the user sent to it by the client, MD5 hashes it, and compares the result with the stored hash. If the values are equal, then the entered password is correct.

If you are having problems updating the ini file without restarting Serv-U please see Knowledge Base Article #1176.