How is the username stored through auth?

I know that the proper syntax while creating a user account in php is to run the username and password as upper and sha1


But my question is more say you want to have a way to update the password? I tried with a standard query

UPDATE accounts SET sha_pass_hash = sha1(“USERNAME:NEWPASS”) WHERE username = :arg

:arg is just a general username placeholder, but when I run that command. it still takes the old login information. I know you can use the console to set the password, but I’m looking at ways to run it when the server is offline, Does anyone know why this doesn’t work?

You also need clear s, v and sessionkey

Awesome! Thank you. I didn’t even think about looking into those fields before.

For WotLK I used something like that: sha1(strtoupper(“$username:$password”))

But for WoD it seems not to work. The hash is longer.

Anybody has a PHP example for WOD ?


Found here something: