Index: branches/version-2_5-dev/html/install/index.php
===================================================================
--- branches/version-2_5-dev/html/install/index.php	(revision 19972)
+++ branches/version-2_5-dev/html/install/index.php	(revision 19986)
@@ -281,5 +281,6 @@
     // 管理者登録
     $login_id = $objWebParam->getValue('login_id');
-    $login_pass = sha1($objWebParam->getValue('login_pass') . ":" . AUTH_MAGIC);
+    $salt = SC_Utils_Ex::sfGetRandomString(10);
+    $login_pass = SC_Utils_Ex::sfGetHashString($objWebParam->getValue('login_pass'), $salt);
 
     $objQuery->delete("dtb_member", "login_id = ?", array($login_id));
@@ -290,4 +291,5 @@
                                           "login_id" => $login_id,
                                           "password" => $login_pass,
+                                          "salt" => $salt,
                                           "creator_id" => 0,
                                           "authority" => 0,
@@ -947,4 +949,17 @@
         }
     }
+    //パスワード暗号化方式決定
+    $arrAlgos = hash_algos();
+    if(array_search('sha256', $arrAlgos) !== FALSE) {
+        $algos = 'sha256';
+    }elseif(array_search('sha1', $arrAlgos) !== FALSE) {
+        $algos = 'sha1';
+    }elseif(array_search('md5', $arrAlgos) !== FALSE) {
+        $algos = 'md5';
+    }else{
+        $algos = '';
+    }
+    //MAGICハッシュワード決定
+    $auth_magic = SC_Utils_Ex::sfGetRandomString(40);
     $config_data =
     "<?php\n".
@@ -963,4 +978,6 @@
     "    define ('ADMIN_FORCE_SSL', " . $force_ssl .  ");\n".
     "    define ('ADMIN_ALLOW_HOSTS', '".serialize($allow_hosts)."');\n".
+    "    define ('AUTH_MAGIC', '" . $auth_magic . "');\n".
+    "    define ('PASSWORD_HASH_ALGOS', '" . $algos . "');\n".
     "?>";
 
Index: branches/version-2_5-dev/html/install/sql/insert_data.sql
===================================================================
--- branches/version-2_5-dev/html/install/sql/insert_data.sql	(revision 19985)
+++ branches/version-2_5-dev/html/install/sql/insert_data.sql	(revision 19986)
@@ -481,5 +481,5 @@
 INSERT INTO dtb_mailtemplate (template_id, subject, header, footer, creator_id, del_flg, create_date, update_date) VALUES (5, 'お問い合わせを受け付けました', NULL, NULL, 0, 0, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);
 
-INSERT INTO dtb_member (member_id, name, department, login_id, password, authority, rank, work, del_flg, creator_id, update_date, create_date, login_date) VALUES (1, 'dummy', NULL, 'dummy', 'dummy', 0, 0, 1, 1, 0, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL);
+INSERT INTO dtb_member (member_id, name, department, login_id, password, salt, authority, rank, work, del_flg, creator_id, update_date, create_date, login_date) VALUES (1, 'dummy', NULL, 'dummy', 'dummy', 'dummy', 0, 0, 1, 1, 0, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL);
 
 INSERT INTO dtb_module (module_id, module_code, module_name, sub_data, auto_update_flg, del_flg, create_date, update_date) VALUES (0, '0', 'patch', NULL, 0, 0, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);
@@ -1030,5 +1030,5 @@
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('ZIP_DSN', 'DEFAULT_DSN', 8, '郵便番号専用DB');
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('USER_URL', 'HTTP_URL . USER_DIR', 9, 'ユーザー作成ページ等');
-INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('AUTH_MAGIC', '"31eafcbd7a81d7b401a7fdc12bba047c02d1fae6"', 10, '認証用 magic');
+INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('AUTH_TYPE', '"HMAC"', 10, '認証方式');
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('USER_TEMPLATE_DIR', '"templates/"', 16, 'テンプレートファイル保存先');
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('USER_PACKAGE_DIR', '"packages/"', 17, 'テンプレートファイル保存先');
@@ -1068,5 +1068,5 @@
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('OPTION_RECOMMEND', '1', 61, 'おすすめ商品登録(有効:1 無効:0)');
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('OPTION_CLASS_REGIST', '1', 62, '商品規格登録(有効:1 無効:0)');
-INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('DEFAULT_PASSWORD', '"UAhgGR3L"', 66, '会員登録変更(マイページ)パスワード用');
+INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('DEFAULT_PASSWORD', '"******"', 66, '会員登録変更(マイページ)パスワード用');
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('DELIV_ADDR_MAX', '20', 67, '別のお届け先最大登録数');
 INSERT INTO mtb_constants (id, name, rank, remarks) VALUES ('ORDER_STATUS_MAX', '50', 70, '管理画面ステータス一覧表示件数');
Index: branches/version-2_5-dev/html/install/sql/create_table_mysql.sql
===================================================================
--- branches/version-2_5-dev/html/install/sql/create_table_mysql.sql	(revision 19966)
+++ branches/version-2_5-dev/html/install/sql/create_table_mysql.sql	(revision 19986)
@@ -579,4 +579,5 @@
     reminder smallint,
     reminder_answer text,
+    salt text,
     secret_key varchar(50) NOT NULL UNIQUE,
     first_buy_date datetime,
@@ -791,4 +792,5 @@
     login_id text NOT NULL,
     password text NOT NULL,
+    salt text NOT NULL,
     authority smallint NOT NULL,
     rank int NOT NULL DEFAULT 0,
Index: branches/version-2_5-dev/html/install/sql/create_table_pgsql.sql
===================================================================
--- branches/version-2_5-dev/html/install/sql/create_table_pgsql.sql	(revision 19966)
+++ branches/version-2_5-dev/html/install/sql/create_table_pgsql.sql	(revision 19986)
@@ -581,4 +581,5 @@
     reminder smallint,
     reminder_answer text,
+    salt text,
     secret_key text NOT NULL UNIQUE,
     first_buy_date timestamp,
@@ -793,4 +794,5 @@
     login_id text NOT NULL,
     password text NOT NULL,
+    salt text NOT NULL,
     authority smallint NOT NULL,
     rank int NOT NULL DEFAULT 0,
