Let me begin by saying I know this is generally advised against but I'm in a tough spot at work where this is essentially being demanded and to my understanding it's theoretically possible.
I am tasked with transferring all user data from one WordPress site to another, and one of the stipulations is nobody would have to set a new password.
I know there's no chance of dehashing the passwords but I read somewhere yesterday that if you use the same salts in
wp-config.php then the passwords should work. I tried this and it didn't do the trick, but that may be due to some weird WPEngine caching or hidden setting, as does happen with them from time to time. What was especially weird is my old password still worked after I did this.
I also read that, in addition to the salts in
wp-config.php, there are salts stored in the database somewhere that compliment or mirror the ones stored in
wp-config.php. That part I don't quite understand and is probably the real question here. Where in the WordPress database are these salts stored?
Is there any hope of achieving this?
Yes and no
wp_salt is the function you're thinking of:
Your theory should be correct, copying the passwords over via SQL, and making sure all the salts are the same, then clearing cookies and trying to login, should do the trick.
However, if we look at the code in the function, there are filters that WP Engines code might hook into. If this is the case, they might have added site independent salts, which means what you ask for would be impossible to do. At this point you'd need to contact WP Engine support, but they're very likely to refuse to help on security grounds.
As for yourself, you shouldn't be doing this either, as it's irresponsible and unprofessional, and should refuse to do so, regardless of wether it's possible or not.
I also read that, in addition to the salts in wp-config.php, there are salts stored in the database somewhere that compliment or mirror the ones stored in wp-config.php. That part I don't quite understand and is probably the real question here. Where in the WordPress database are these salts stored?
I'm unaware of such a thing, and the implementation of
wp_salt does not indicate such things. There is no evidence for it.
Why copy the users at all when you can put both sites in the same install and use the built in domain mapping?
Use the first site as a single sign on to login to the new site. Similar to how you logged into this site with Google/Twitter/etc