SuiteCRM Password Hash conditions

Hi there,

my company provides all users with a dedicated company account, where upon registration the user has to provide his personal details including a personal username and password. Now, the user registration data is being used to created numerous other sub-accounts eg. for AWS WorkMail, SuiteCRM, etc., meaning the data the user enters is stored in several DB Tables and provides the users with uniform usernames and passwords across a variety of apps.

I am now trying to add automatic account creation for SuiteCRM, but am unable to recreate the hash conditions for the SuiteCRM password. I understand that the password string is MD5 encrypted, but when using PHP md5() to encrypt the password string, I get errors pertaining to the password length (32 chars) and generally cannot login even though the length matches.

So here is the question. What is SuiteCRM doing with the entered password string upon user creation? MD5 encryption? lowercasing all chars? adding salt? I cannot create an account unless I get the password encryption standard right.

Appreciate any insight, thank you.

Welcome to community!

Look at functions getPasswordHash and getPasswordHashMD5 in the file modules/Users/User.php