Details
Description
WHMCS changed their password hashing algorithm. We used to be able to support their password hashes so clients could login after import without resetting their password.
This was done by updating /config/blesta.php and changing the following:
Configure::set("Blesta.auth_legacy_passwords", true);
Configure::set("Blesta.auth_legacy_passwords_algo", "whmcs-md5");
So, if we add support then I imagine we would do a similar thing, except for Blesta.auth_legacy_passwords_algo instead of "whmcs-md5" to "whmcs-sha256hmac" or something.
See https://docs.whmcs.com/Admin_Password_Hashing#Hash_Schema for docs on their password hashing algorithm. This states that it's for Admins, I could not find a similar article for Clients, but it may be the same.
See also https://www.ndchost.com/wiki/software/whmcs/client-password-hash for an overview and example.