importing users where password is provided as md5 + much metadata

I have a spreadsheet that was provided to me of users to import to a new site I have built. I was provided with the password in MD5 hash form. I suspect if I insert this into the password field in the database, since it is MD5 it will still match their password when the user tries to login on the new system. Is this a correct assumption?

I also have a large amount of metadata for each user that needs to be inserted.

Because I want to insert the md5 string, and not the password text and the extra custom meta fields, I don’t think I can use wp_insert_user.

Does anybody have experience with this type of thing? I am thinking I will just do something directly in mysql, rather than hack up a WP plugin, any suggestions would be appreciated though.

WordPress used MD5 for password hash in the past, but had since moved on to more secure phpass. The good thing is that it retains backwards compatibility – if user had old MD5 hash then it will be checked as such and automatically re-hashed and re-saved using current algorithm, see wp_check_password().

You are correct that you cannot use wp_insert_user() because it expect plain text password.