Manual:User table

The user table is where MediaWiki stores information about users. If using Postgres, this table is named mwuser.

"DESCRIBE user;" in version 1.4 gives the following:

+--+-+--+-+-++ +--+-+--+-+-++ +--+-+--+-+-++
 * Field           | Type                | Null | Key | Default | Extra          |
 * user_id         | int(5) unsigned     |      | PRI | NULL    | auto_increment |
 * user_name       | varchar(255) binary |      |     |         |                |
 * user_rights     | tinyblob            |      |     |         |                |
 * user_password   | tinyblob            |      |     |         |                |
 * user_newpassword | tinyblob           |      |     |         |                |
 * user_email      | tinytext            |      |     |         |                |
 * user_options    | blob                |      |     |         |                |
 * user_touched    | varchar(14) binary  |      |     |         |                |

The fields are:
 * user_id is the primary key, used to uniquely identify a user
 * user_name: Usernames must be unique, and must not be in the form of an IP address. Shouldn't allow slashes or case conflicts. Spaces are allowed, and are not converted to underscores like titles. (Conflicts?)
 * user_real_name stores the user's real name (optional) as provided by the user in their "Preferences" section.
 * user_rights is a comma-separated list of textual flags.
 * user_password is a concatenated md5 hash of user_id, a hyphen (-), and md5 hash of current password. (That is, MD5(CONCAT(user_id, "-", MD5("PASSWORD"))) in SQL.)
 * user_newpassword is generated for the mail-a-new-password feature.
 * user_email Note: email should be restricted, not public info. Same with passwords. ;)
 * user_options is a newline-separated list of name=value pairs.
 * user_touched the last time a user made a change on the site, including logins, changes to pages (any namespace), watchlistings, and preference changes.
 * user_token a pseudorandomly generated value that is stored in a cookie when the "remember password" feature is used

Some of this information was adapted from  in the MediaWiki   directory.

"DESCRIBE user;" in version 1.5 gives the following: +--+-+--+-+-++ +--+-+--+-+-++ +--+-+--+-+-++
 * Field                   | Type            | Null | Key | Default | Extra          |
 * user_id                 | int(5) unsigned | NO   | PRI | NULL    | auto_increment |
 * user_name               | varchar(255)    | NO   | UNI |         |                |
 * user_real_name          | varchar(255)    | NO   |     |         |                |
 * user_password           | tinyblob        | NO   |     |         |                |
 * user_newpassword        | tinyblob        | NO   |     |         |                |
 * user_email              | tinytext        | NO   |     |         |                |
 * user_options            | blob            | NO   |     |         |                |
 * user_touched            | char(14)        | NO   |     |         |                |
 * user_token              | char(32)        | NO   |     |         |                |
 * user_email_authenticated | char(14)       | YES  |     | NULL    |                |
 * user_email_token        | char(32)        | YES  | MUL | NULL    |                |
 * user_email_token_expires | char(14)       | YES  |     | NULL    |                |

"DESCRIBE user;" in version 1.8 gives the following: +--+-+--+-+-++ +--+-+--+-+-++ +--+-+--+-+-++
 * Field                   | Type            | Null | Key | Default | Extra          |
 * user_id                 | int(5) unsigned | NO   | PRI | NULL    | auto_increment |
 * user_name               | varchar(255)    | NO   | UNI | NULL    |                |
 * user_real_name          | varchar(255)    | NO   |     | NULL    |                |
 * user_password           | tinyblob        | NO   |     | NULL    |                |
 * user_newpassword        | tinyblob        | NO   |     | NULL    |                |
 * user_email              | tinytext        | NO   |     | NULL    |                |
 * user_options            | blob            | NO   |     | NULL    |                |
 * user_touched            | char(14)        | NO   |     | NULL    |                |
 * user_token              | char(32)        | NO   |     | NULL    |                |
 * user_email_authenticated | char(14)       | YES  |     | NULL    |                |
 * user_email_token        | char(32)        | YES  | MUL | NULL    |                |
 * user_email_token_expires | char(14)       | YES  |     | NULL    |                |
 * user_registration       | char(14)        | YES  |     | NULL    |                |

+--+-+--+-+---++ +--+-+--+-+---++ +--+-+--+-+---++
 * Field                   | Type            | Null | Key | Default           | Extra          |
 * user_id                 | int(5) unsigned | NO   | PRI | NULL              | auto_increment |
 * user_name               | varchar(255)    | NO   | UNI | NULL              |                |
 * user_real_name          | varchar(255)    | NO   |     | NULL              |                |
 * user_password           | tinyblob        | NO   |     | NULL              |                |
 * user_newpassword        | tinyblob        | NO   |     | NULL              |                |
 * user_email              | tinytext        | NO   |     | NULL              |                |
 * user_options            | blob            | NO   |     | NULL              |                |
 * user_touched            | char(14)        | NO   |     | NULL              |                |
 * user_token              | char(32)        | NO   |     | NULL              |                |
 * user_email_authenticated | char(14)       | YES  |     | NULL              |                |
 * user_email_token        | char(32)        | YES  | MUL | NULL              |                |
 * user_email_token_expires | char(14)       | YES  |     | NULL              |                |
 * user_registration       | char(14)        | YES  |     | NULL              |                |
 * user_newpass_time       | timestamp       | YES  |     | CURRENT_TIMESTAMP |                |
 * user_editcount          | int(11)         | YES  |     | NULL              |                |

+--+--+--+-+-++ +--+--+--+-+-++ +--+--+--+-+-++
 * Field                   | Type             | Null | Key | Default | Extra          |
 * user_id                 | int(10) unsigned | NO   | PRI | NULL    | auto_increment |
 * user_name               | varchar(255)     | NO   | UNI |         |                |
 * user_real_name          | varchar(255)     | NO   |     |         |                |
 * user_password           | tinyblob         | NO   |     |         |                |
 * user_newpassword        | tinyblob         | NO   |     |         |                |
 * user_newpass_time       | binary(14)       | YES  |     | NULL    |                |
 * user_email              | tinytext         | NO   |     |         |                |
 * user_options            | blob             | NO   |     |         |                |
 * user_touched            | binary(14)       | NO   |     |         |                |
 * user_token              | binary(32)       | NO   |     |         |                |
 * user_email_authenticated | binary(14)      | YES  |     | NULL    |                |
 * user_email_token        | binary(32)       | YES  | MUL | NULL    |                |
 * user_email_token_expires | binary(14)      | YES  |     | NULL    |                |
 * user_registration       | binary(14)       | YES  |     | NULL    |                |
 * user_editcount          | int(11)          | YES  |     | NULL    |                |

"DESCRIBE user;" in version 1.13 gives the following: +--+--+--+-+-++ +--+--+--+-+-++ +--+--+--+-+-++
 * Field                   | Type             | Null | Key | Default | Extra          |
 * user_id                 | int(10) unsigned | NO   | PRI | NULL    | auto_increment |
 * user_name               | varbinary(255)   | NO   | UNI |         |                |
 * user_real_name          | varbinary(255)   | NO   |     |         |                |
 * user_password           | tinyblob         | NO   |     |         |                |
 * user_newpassword        | tinyblob         | NO   |     |         |                |
 * user_newpass_time       | binary(14)       | YES  |     | NULL    |                |
 * user_email              | tinyblob         | NO   |     |         |                |
 * user_options            | blob             | NO   |     |         |                |
 * user_touched            | binary(14)       | NO   |     |         |                |
 * user_token              | binary(32)       | NO   |     |         |                |
 * user_email_authenticated | binary(14)      | YES  |     | NULL    |                |
 * user_email_token        | binary(32)       | YES  | MUL | NULL    |                |
 * user_email_token_expires | binary(14)      | YES  |     | NULL    |                |
 * user_registration       | binary(14)       | YES  |     | NULL    |                |
 * user_editcount          | int(11)          | YES  |     | NULL    |                |

user_password is one of two formats, depending on the setting of $wgPasswordSalt:

If $wgPasswordSalt is true (default) it it a concatention of:
 * The string ":B:",
 * A pseudo-random hexadecimal salt between 0x0 and 0x7fffffff (inclusive),
 * The colon character (":"), and
 * The MD5 hash of a concatenation of the salt, a dash ("-"), and the MD5 hash of the password.

If $wgPasswordSalt is false, it it a concatention of:
 * The string ":A:" and
 * The MD5 hash of the password.