Timeline for Password hashing method
Current License: CC BY-SA 3.0
10 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 17, 2017 at 10:46 | history | edited | CommunityBot |
replaced http://security.stackexchange.com/ with https://security.stackexchange.com/
|
|
| Aug 20, 2014 at 9:17 | history | edited | Vogel612 | CC BY-SA 3.0 |
removed syntax highlight in "generated output" section
|
| Feb 28, 2014 at 15:49 | comment | added | CodesInChaos |
bin2hex(openssl_random_pseudo_bytes(22)) is still clearly wrong. The salt bcrypt salt is 16 bytes encoded with a Base64 variant (not hex), producing 22 characters.
|
|
| Feb 14, 2014 at 9:35 | comment | added | Simon Forsberg | @BANNA It seems like you are lacking a lot of understanding about the available hashing methods. Please read the documentation for the functions that you are using. Whether your functions are "ok" or not really depends on one thing: Are you able to use them? Do they work for you? Can you compare if an entered password is the same as a stored password with them? If you are unable to do that, I suggest showing what you have tried and explaining what the problem is and ask on Stack Overflow. | |
| Feb 14, 2014 at 7:23 | vote | accept | BANNA | ||
| Feb 14, 2014 at 7:22 | vote | accept | BANNA | ||
| Feb 14, 2014 at 7:23 | |||||
| Feb 14, 2014 at 5:51 | comment | added | BANNA | I am planning to use crackstation.net/hashing-security.htm#phpsourcecode this library. But while i try to hash a password using $mypass = create_hash("Password123"); its generating sha256:1000:EzeYvaE4tVPzpWJ51l+etMvcj1qKZF26:G3GncF0rC4q86yWh7A0GTdrXLuciXGMw you mean i have to store this hash to DB? But in every refresh it changes why its changing? | |
| Feb 14, 2014 at 5:42 | comment | added | BANNA | Thank you very much... I rewrite as per your suggestions and findings its now public function Pass_Hash ($password) { $generated_salt = bin2hex(openssl_random_pseudo_bytes(22)); $hash = crypt($password, "\$2y\$07\$" . $blowfish_salt); return $hash; } Is this ok now? | |
| Feb 13, 2014 at 19:50 | history | edited | Simon Forsberg | CC BY-SA 3.0 |
added 365 characters in body
|
| Feb 13, 2014 at 19:38 | history | answered | Simon Forsberg | CC BY-SA 3.0 |