What are your opinions on Dreamweaver?
Horrible garbage. Even Adobe thinks so. About 2 or 3ish years ago they release Brackets, a free, paired down code editor. It's a solid code editor but no better than Atom, SublimeText, or Visual Studio Code.
Any perks of Dreamweaver, like the oft-touted ability to quickly convert a PSD mock into CSS or a working web page, is a straight up marketing lie by Adobe.
Wordpress stores user names and passwords in a database. Passwords can be encrypted but by default I believe they're stored in plain text.
This is not true. WordPress has never stored plain text passwords by default... at least for as long as I've worked on WP, going back 10+ years. With the earliest versions it used a salted MD5 password, but it moved away from that since... I dunno at least 2010. Today WP uses a function called wp_hash_password() that uses
OpenWall PHPass, in conjuction with the one-time salts that you define in your wp-config.php file.
I don't even know what settings you'd have to turn off to store passwords in plain text.
Make no mistake, WP is generally considered less secure than other CMS's, but that's usually not because of it's password hashing, it's because of insecure plugins and their popularity.
I wonder if the Webhost you worked for had a WP installer (Fantastico, etc) that automatically disabled hashing for users who installed it using the installer... Because by default that should never be the case, and over-writing it means over-writing wp_hash_password with a custom function that intentionally ignores all hashing.
So, the site I spoke about a little while ago (WordPress) is going to be re-written outside of WordPress, however there is a lot (I'm talking 2,000+ registered users, 500+ of those are schools who post jobs etc) now my question is, is there any simple way to export all this data (primarily thinking passwords and user account details) here out of the WordPress system and into our own system?
I'm thinking it is going to be a nightmare.
It's going to be difficult and I'd encourage you to not export passwords and have users setup a new password when they move to the other site. If you have to export passwords, WP takes a users PW and runs it through a function called
wp_hash_password(), and then it salts the password multiple times using a salt table defined in your wp-config.php file. There are other hashes that get piped onto it (
when someone registered and other items), which you might be able to reconstruct, but it'd be difficult. And then when you move to the new system you'd have to convert that hash into something that your new site can use, or be stuck using WordPress'
wp_check_password(); function.
I'd suggest as part of the migration explaining to your users that you're moving to a new system, and that at a given time they'll be pinged on their primary email address to update their passwords for the site. When you make the migration, send a note to every user to update their passwords using a new forgot password system.