How to convert sha1() passwords into FOSUserBundle

Posted 2020-07-27 07:05

Question:

I have a legacy application that keeps passwords encrypted with the sha1() function, no salt.

Now that the site is being converted to Symfony2 and FOSUserBundle, how can I transfer them to the new database?

Answer 1:

I had the same problem.

Just override the encoder, as explained by @iamdto:

# app/config/security.yml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface:
            id: your.custom.encoder

Your class should be:

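use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;

// Registered as the service referenced by "id: your.custom.encoder" in security.yml.
class CustomEncoder implements PasswordEncoderInterface
{
    // Returns the legacy hash: plain sha1() of the raw password.
    public function encodePassword($raw, $salt)
    {
        // do not use salt here
        return sha1($raw);
    }

    // Compares the stored hash with the hash of the submitted password.
    public function isPasswordValid($encoded, $raw, $salt)
    {
        // hash_equals() (PHP 5.6+) compares in constant time, unlike ===
        return hash_equals((string) $encoded, $this->encodePassword($raw, $salt));
    }
}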

You should add a "version" column to get legacy users and update their info on next login.
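The upgrade-on-next-login flow suggested in the answer above, sketched as an added example (not code from the answer or from FOSUserBundle). It is plain PHP 7+ with no Symfony wiring. The function name, the version values 1 and 2, and the sample row are assumptions made for illustration, and saving the changed row back to the database is left to the caller.

```php
<?php
// Hypothetical values for the "version" column:
// 1 = legacy unsalted SHA-1, 2 = salted password_hash() output.
const LEGACY = 1;
const CURRENT = 2;

/**
 * Verify $raw against the stored hash. On a successful legacy login,
 * replace the unsalted SHA-1 digest with a salted password_hash() value.
 * $user stands in for one row of the users table (modified in place).
 */
function loginAndUpgrade(array &$user, string $raw): bool
{
    if ($user['version'] === LEGACY) {
        // Constant-time comparison against the legacy digest.
        if (!hash_equals($user['password'], sha1($raw))) {
            return false;
        }
        // The plaintext is only available during login, so re-hash here.
        $user['password'] = password_hash($raw, PASSWORD_DEFAULT);
        $user['version'] = CURRENT;
        return true;
    }

    if (!password_verify($raw, $user['password'])) {
        return false;
    }
    // Pick up later cost or algorithm changes the same way.
    if (password_needs_rehash($user['password'], PASSWORD_DEFAULT)) {
        $user['password'] = password_hash($raw, PASSWORD_DEFAULT);
    }
    return true;
}

// Constructed sample row: one account migrated from the legacy database.
$user = ['username' => 'alice', 'password' => sha1('s3cret'), 'version' => LEGACY];

var_dump(loginAndUpgrade($user, 'wrong'));  // wrong password, legacy path
var_dump(loginAndUpgrade($user, 's3cret')); // correct password, row is upgraded
var_dump($user['version'] === CURRENT);     // version column after the upgrade
var_dump(loginAndUpgrade($user, 's3cret')); // same password, password_verify path
```

Accounts that never log in again keep their unsalted SHA-1 hash, so the version column also tells you which rows still need a forced reset.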



Answer 2:

Have you tried:

# app/config/security.yml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha1

You should have a look at these references too:

  • Configure your application's security.yml
  • Encoding the User's Password


Answer 3:

My colleague wrote a bundle for this very purpose:

https://packagist.org/packages/markup/fallback-password-encoder-bundle