Import Customers with Old Customers Password

Reusing the same customer password from an external system after customers are imported into Magento.

If you need to move an old customer base to Magento and want to do it seamlessly from a customers perspective – no “Update your password” or any other similar actions required by your customers, then the following is our solution.
In order to do this you would need to:

  1. Export existing customers into csv format
  2. Add special attributes to customer profile
    • “mcorner_pass_patched”
    • “mcorner_password”
    •  Optional “mcorner_salt” – in case old site uses salt within authentication.

You can follow the other tutorial we have for adding custom customer attributes:

The general idea is to create a class that would extend the core Magento functionality, intercept the authentication and authenticate using the old methods if needed. If password has not been patched, authentication is passed through the old methods from the old system and if authentication passes then in Magento we set flag “mcorner_pass_patched” to yes so that the next time it knows that it should just use the regular Magento authentication methods and not the legacy(old) ones.

Here are the steps:

  1. Create NAMESPACE folder under app/code/community/MCorner
  2. Create module folder “CustomersMigrated” as we will use this one as the name of our module – app/code/community/MCorner/CustomersMigrated
  3. Create Folders
    • app/code/community/MCorner/CustomersMigrated/etc
    • app/code/community/MCorner/CustomersMigrated/Model
  4. Create the config.xml file
    • app/code/community/MCorner/CustomerAddCustomAttr/etc/config.xml
  5. Inside the config.xml file copy and paste the code below:
    <?xml version="1.0"?>

  6. Create the Local Model file:
    • app/code/community/MCorner/CustomersMigrated/Model/Customer.php
    class MCorner_CustomersMigrated_Model_Customer extends Mage_Customer_Model_Customer {
    	function authenticate($login, $password) {
    		if ($this->getMcornerPassPatched() == 'n') {
    			if ($this->authenticateOldWay($login, $password)) {
    		return parent::authenticate($login, $password);
    	function _authenticateOldWay($login, $password) {
    		if ($this->_authenticateEmailOldWay($login) && $this->_authenticatePassOldWay($password)) {
    			return true;
    		return false;
    	function _authenticateEmailOldWay($login) {
    		// we have imported the email as it was, so people would be using the same email and magento native will handle that.
    		return true;
    	function _authenticatePassOldWay($password) {
    		$oldPassHash = $this->getOldPasswordHash(); // you need to import this field into the customer profile as attribute, part of the customer EAV
    		if ($oldPassHash === $this->_hashPasswordTheOldWay($password)) {
    			return true;
    		return false;
    	function _hashPasswordTheOldWay($pass) {
    		//use the old way of how the password was hashed
    		return md5($pass);


  7. Finally, to activate the CustomersMigrated module create the module file:
    • app/etc/modules/MCorner_CustomersMigrated.xml
    • Copy and paste the code below

Now you should be able to make it an easy transition from your old system to the new one for existing customers.

3 thoughts on “Import Customers with Old Customers Password

  1. Hello,

    Thanks for this module.
    I followed all the instructions but I don’t understand something. In the file Customer.php, it seems that the function getPassPatched() doesn’t recover the value ‘n’. Yet in the database I find this information.
    I think I missed something .
    For information my special attributes to customer profile are named :
    – Tofiooo_password
    – Tofiooo_salt
    – Tofiooo_pass_patched

    Do you have an idea ?


    • Hi, there was an error in the code for the tutorial. Please use “getMcornerPassPatched” if you have used the attribute “mcorner_pass_patched” initially. In the original solution we populated the field “mcorner_pass_patched” with value “n” so that we are aware if a password has been patched and we did not run legacy validation but use magento validation.

      I hope this info helps.

      • hi,

        Thank for your rreply, the module works great now. However I have to add in the code this “$this->loadByEmail($login);” in the authenticate function.
        I also change “$this->getOldPasswordHash()” by “$this->getMcornerPassword()”.

        Thanks a lot for this module and for your help

Comments are closed.