FAQ Database Discussion Community


C#,asp.net Passwords are not matching after hashing with salt

c#,asp.net,hash,salt
I have used hashing with salt for password.Before i implemented hashing, i had a stored procedure which used to check textbox value with the value in Database and the code was working fine .After implementing hashing though the passwords are not matching,i checked the hashed value in database and password...

How do i encrypt password in three layers , SHA1, base64 encode and salt

java,base64,sha1,salt,password-encryption
I want to encrypt and decrypt password with high security . First, the string password with be converted to SHA1 , then i also want to add base64 encode and lastly add SALT to it. Is this doable in java? I have sample code to encode in base64 and sha1...

targeting salt minions using multiple grains

automation,salt,salt-stack,devops
In our infrastructure, we set multiple grains on the minion including an 'environment' and 'component' grain. Based on this, there can be multiple minions with the same component name, each in a different environment. I want to be able to select minions based on multiple grains instead of having to...

Java - Generating a random salt isn't random

java,random,hash,salt,salt-creation
I'm trying to generate a salt in Java to use with a hashing algorithm for secure password storage. I'm using the following code to create the random salt: private static String getSalt() throws NoSuchAlgorithmException { SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); byte[] salt = new byte[16]; sr.nextBytes(salt); System.out.println(salt.toString()); return salt.toString(); } Which...

Password hashing with Spring Security

spring,spring-security,salt,bcrypt
Is it possible to add additional salt to password using Spring Security BCryptPasswordEncoder?

Using SaltStack grains file with Vagrant

vagrant,salt,vagrantfile,salt-stack,vagrant-plugin
I would like to use minion.d/*.conf to provision a vagrant machine. Here is my Vagrant configuration: Vagrant.configure("2") do |config| ## Choose your base box config.vm.box = "precise64" ## For masterless, mount your salt file root config.vm.synced_folder "salt/roots/", "/srv/salt/" ## Use all the defaults: config.vm.provision :salt do |salt| salt.minion_config = "salt/minion"...

Is this a bad practice for storing passwords in PHP?

php,hash,passwords,md5,salt
I'm using the crypt function in PHP to hash passwords, along with salt obviously. But I'm generating my salt by calling the md5 function over the date function. And every time the user logs in the salt gets regenerated. Is any of this bad in any way? I am still...

SHA256 / SHA512: MySQL Code for Password Hashing and Salting

mysql,sql,hash,salt,sha256
I need some help understanding how to hash and salt passwords for users in SQL using SHA256 or SHA512. I think for each user I have to generate a different salt? How do I check the password at login and update and existing password in MySQL? I used this resource...

salt created by Java SecureRandom has different getBytes() value [duplicate]

java,security,salt
This question already has an answer here: how to convert byte array to string and vice versa 13 answers I use java SecureRandom to create salt to encrypt user. However, when I tried to match user with salt and password, they failed on different machine. The user is created...

Change password script works but doesn't write correct password into database

php,mysql,hash,salt
I have this script for change password : <?php /* Page/Script Created by Shawn Holderfield */ //Establish output variable - For displaying Error Messages $msg = ""; //Check to see if the form has been submitted if (mysql_real_escape_string($_POST['submit'])): //Establish Post form variables $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(md5($_POST['password'])); $npassword =...

Hash and Salt string in Windows Store App

c#,hash,windows-store-apps,salt,sha
I have been trying to do a Hash and salt on a password that I have to save on the device. This is a code that I have been using, but I can't find System.Security.Cryptography and the RNGCryptoServiceProvider in the Windows Store Framework. public static string CreateSalt(int size) { var...

How to get wordpress password using hash and salt key?

wordpress,passwords,salt
I forgot my wordpress admin password but i am able to get into my DB and have the hashed password and also i have salt key from my wp-config.php file. Does anyone know how can i get my password back from above details. I tried doing forgot password thing but...

How to encrypt random value using some unique key in java

java,hash,passwords,salt
Hello I want to encrypt a unique random value using a key in Java. I will send this unique random value to each webservices to make system secure so nobody can hit my web services url on rest client. Please guide me a way to achieve this. Thanks in advance....

Failed to create Javascript analog of Java method for password hashing using SHA-256 and salt

java,javascript,node.js,salt,pbkdf2
I've been strugling for a while now by trying to complete next goal : I have a "Reset password" page that supposed to send new password to the server. I would like to hash it with salt, so I could save it in DB eventually. On Server side I have...

Error Hashing + Salt password

python,authentication,python-3.x,hash,salt
Someone can help me to fix this problem: TypeError: can't concat bytes to str I am trying to safely store hash+salt passwords, I think the problem is that my salt is a byte object how can I transform it into a string? Or is there a way to hash it...

salt in every password yii

yii,passwords,salt
I have a table column called salt and it is a required field but I don't want to users to input their own salts is there a way for our system to generate a salt for each password which are encrypted via sha1?

Do I need to escape every string and what is the maximum length of an escaped string?

php,string,salt,mysql-real-escape-string
I am trying to store a randomly generated salt in my database with SQL. I have generated this salt in php using this line of code: $salt = mysqli_real_escape_string($this->connection, mcrypt_create_iv(256, MCRYPT_DEV_URANDOM)); As I understand it all strings must be escaped regardless of whether they are derived from user input as...

Combining salt, docker and Amazon EC2 for hosting Python application

amazon-web-services,amazon-ec2,docker,salt,salt-stack
The situation we currently have in our company is: 3 python applications that can be spawned as many times as needed Single Amazon EC2 server that is hosting all those mentioned apps( 1 instance of each) CPU utilization ~30% periodic work we want to have done within 1hr takes 2hr...

Must I generate an additional salt, even though password_hash() already provides a salt?

php,cryptography,salt,bcrypt,php-password-hash
In using PHP's native password_hash() function, must (or should) I generate my own salt even though (to my understanding), it can already create a salt as seen here in this example (provided by http://www.php.net): <?php /** * Note that the salt here is randomly generated. * Never use a static...

The error is incorrect username or password even I've entered the correct credentials

php,mysql,hash,mysqli,salt
I've created my own way of login.php using hash & salt. When I input new admin account, the password and seems to be working fine on my phpmyadmin but when I calling the hash and salt in my login, the "User doesn't exist" seems to be good. The error is...

JS Twin-Bcrypt salt pattern

javascript,regex,salt,bcrypt
I've been exploring Twin-Bcrypt JavaScript library, and found a strange thing. At one moment, I've made my own salt on server side with PHP base64_encode(openssl_random_pseudo_bytes(16)) and used it in TwinBcrypt.hash() function, which responded that salt is invalid because of the regular pattern mismatch in library. So, the pattern is: var...

WildFly: randomly salted passwords in Java EE application

security,salt,java-ee-7,wildfly-8
What is the WildFly (8.2) way to work with randomly salted passwords stored in a database? Is an implementation of org.jboss.crypto.digest.DigestCallback (in the password validation process) meant to have access to the salt part from the database? Or should I simply hash and salt passwords by my self before handing...

How to generate an md5 hash with a plaintext string and a known salt [duplicate]

c#,passwords,md5,salt
This question already has an answer here: MD5 hash with salt for keeping password in DB in C# 4 answers I have been going crazy trying to figure this out. Is there a simple way in C# to take a string like "password123" and a salt "vfs5%S]m(_*Y+Tk" and generate...