Every so often I see on the Joomla! forum questions about how you can convert plain text passwords for use with Joomla!. Joomla! 1.5 uses salted MD5 passwords by default but will also happily authenticate users with plain MD5 passwords, upgrading them to their salted equivalent. So we'll go over some techniques for getting passwords up to scratch for Joomla! when coming from plain text.

Importing in Joomla!

The easiest way is to convert your plain text passwords straight into MD5 as you're importing them into your Joomla! database. Depending on how you're exporting from a relational database, you might be able to configure it to generate the dump file with the correct MD5'd password automatically.

SELECT name, username, email, md5(password) as password FROM usertable; 

Something like this will convert the password to MD5 as each row exports (note: if you want to load users into Joomla!'s database directly, you need to place entries in many other tables not just "jos_users").

You may also be interested in using a format similar to CSV for importing your users into your site which will take a CSV file and import it into Joomla! creating all of the relevant metadata as you go. You can check out the User Loader on my Open Source project site. 

Typically however you've already put the data in the Joomla! database and its potentially sitting with plain text passwords mixed in with your existing correctly encrypted passwords. 

The following query will update passwords to their correct value from within the Joomla! user database. It is keyed to not convert passwords that have a colon in it at character 33 and are 65 characters long (they should already be in the Joomla! native format), if they've got 32 characters (might already be md5) or are blank.

UPDATE jos_users SET `password` = MD5(`password`) WHERE LENGTH(`password`) > 0 AND (LENGTH(`password`) != 65 AND LOCATE(':', `password`) != 33) AND LENGTH(`password`) != 32 

You can run this from phpMyAdmin or MySQL Query Browser on your database. This will then update any plain text passwords into MD5 and on first login the user will then have their password converted into the salted form that Joomla! uses. If your prefix isn't "jos_" you will have to change this accordingly to match your prefix.