Is it possible to update MD5 hashed passwords to a more secure hash without the original plaintext password?
The issue of updating MD5 hashed passwords to a more secure hash without the original plaintext password is challenging because hashing is a one-way function, meaning it's not possible to reverse the hash to get the original password. One solution is to prompt users to reset their passwords, generating a new secure hash in the process.
// Assuming $oldPasswordHash is the MD5 hashed password stored in the database
$newPassword = "new_password_here";
$newPasswordHash = password_hash($newPassword, PASSWORD_DEFAULT);
// Update the password hash in the database
// UPDATE users SET password_hash = $newPasswordHash WHERE id = $userId