Search DaniWeb - salt

Salt and Hashing 12 Years Ago by mancode1007 … the class but not quite understand. It will store the salt and hash password in the database. Imports Microsoft.VisualBasic Imports… Function HashEncryptStringWithSalt(ByVal s As String, ByVal salt As String) As String Return HashEncryptString(salt + s) End Function End Class Please help… Salt, Hash and Encrypt Pwd in Database 13 Years Ago by Bheeman89 … it possible to get the password which the user enters, salt it, hash it and encrypt it before I store in… salt and hash member's password 13 Years Ago by Traps … is get the hashCode of the string/password and then salt it BUT that won't work as the hashCode will… Re: Needing an explanation of SALT's 16 Years Ago by uncle_smith Salt has nothing to do with sutiation where cracker can keep … the original value is a common word. But when the salt has been added before the md5 is applied, then reversing… Re: Why should we change the Security Salt value in CakePHP? 11 Years Ago by broj1 Salt actually increases the complexity of the hashed value and makes dictionary attacks more difficult. The salt should be known only to authorized users (or applications). If you use the default (pre-set) value in CakePHP it's almost like not using the salt since almost everyone knows it or can get hold of it. Using a salt to login, cant find error. 13 Years Ago by ShadyTyrant … from the input password the salt that is stored for that … mysql_query(" INSERT INTO members(username,password,salt,email_address,user_group,registration_ip,registration_datetime) VALUES( '".$…_POST['username']}'")); $saltyPassword = $system_salt.$randomSalt['salt'].$_POST['password']; $passwordHash = hash('sha512', $… Needing an explanation of SALT's 16 Years Ago by antwan1986 …database. From what I've been reading about SALT it sounds like a very cool way of…or two. [CODE] $pass = mysql_real_escape_string($_POST['password']); $salt = 'a7dHsgQs0eiPsksd'; $password = md5($salt . $pass); $sql = mysql_query("INSERT INTO table…I'm salting whatever they put? Or is SALT more of a security precaution for if ever your… Placement of hash/salt code in ASP.NET project? 10 Years Ago by Blueie Hello I have some hash and salt code I intend to try out (not used it before) … a Log-in form. Do I use the hash and salt code on both the Register.aspx.vb page and Log… username as 'jbrown', and the password as 'mypassword' would the salt and hash code insert instead something like the following: email… Re: Placement of hash/salt code in ASP.NET project? 10 Years Ago by JorgeM … would the point be using hash and salt then? You would store the hash/salt value in your db. When you authenticate… a user, you apply the hash/salt, then query your record in the table, then simply compare… Re: Placement of hash/salt code in ASP.NET project? 10 Years Ago by Blueie Thanks for that, Jorge. Isn't the hash/salt value stored in the database table **when the user first registers** - that is, with the hash/salt code applied to Reister.aspx.vb, and then later authenticated using the login form (Login.aspx)? Thanks again. hash passwword with salt value 17 Years Ago by picass0 i need to hash and generate a salt value of the password which input by user and save … understand how m i going to hash and generate a salt value from the user input? this will be an example… Re: Placement of hash/salt code in ASP.NET project? 10 Years Ago by deceptikon > Isn't the hash/salt value stored in the database table when the user first … Re: Why should we change the Security Salt value in CakePHP? 11 Years Ago by Laion Because you want a unique salt? If everyone had the same salt, what's the poiint then? :) Re: Hash & Salt db connection settings (password)? 9 Years Ago by ryantroop … want to string together (i.e., your data + your salt). Your salt can be anything that is unique to the platform (such… Why should we change the Security Salt value in CakePHP? 11 Years Ago by kevinpatel Why should we change the Security Salt value in CakePHP? and What if we don't change the value? Hash & Salt db connection settings (password)? 9 Years Ago by savedlema … "yesican", how do I generate the hash&salt -How do I use the value I saved in the… Encrypting files using an existing encrypted password and password salt? 8 Years Ago by zachattack05 … password they provide is checked against the embedded password and salt values and if they match, open, if not, don't… Re: Salt, Hash and Encrypt Pwd in Database 13 Years Ago by debasisdas You can try to use [B]Base64[/B] encoding. Re: Salt, Hash and Encrypt Pwd in Database 13 Years Ago by Luc001 Hi, What you also can do is useDES Algorithm. For more explanation, look [URL="http://www.vb-helper.com/howto_net_des_file.html"]here.[/URL] See also [URL="http://www.daniweb.com/software-development/vbnet/code/366392"]this[/URL] thread. Re: Salt, Hash and Encrypt Pwd in Database 13 Years Ago by Bheeman89 thank you for your reply folks..one more query, can I knoe is it feasible to do a password manager / password keeper program using VB.net and also ASP.net with windows server 2005.. or is there any other database which is easier to execute or such. just an opinion thought because i am planning to use what I have stated above. Re: salt and hash member's password 13 Years Ago by NormR1 How are you going to use a java program for this project? There are many algorithms for hashing a String. Have you researched one that looks good for you? By hashCode are you referring to what is returned by the Object class's hashCode() method? Re: salt and hash member's password 13 Years Ago by Traps I've already found a working solution so I'll mark this as solved, but to answer your question: I'm making a Web App and want to store users (usernames and passwords) in my database to handle user/login-sessions but don't want to store the passes as clear text. Yes, by hashCode I am referring to the Object.hashCode() method Re: how do i use php md5, crypt, salt 14 Years Ago by arturs.daudiss In some way I would disagree with gizgiz, because MD5 hash can be unhashed, for example, by using [url]http://www.md5-online.com/[/url] project. If security is primar - I would suggest using salt. Even better, if there is unique salt value for every user. Re: how do i use php md5, crypt, salt 14 Years Ago by cwarn23 … security is primar - I would suggest using salt. Even better, if there is unique salt value for every user.[/QUOTE] Agreed and… Re: Using a salt to login, cant find error. 13 Years Ago by ShadyTyrant Ok I found out that the problem is in the mcrypt_create_iv(6, MCRYPT_DEV_RANDOM). I dont know why but it just doesn't work. I got an alt mcrypt and it works well. [code] function alt_mcrypt_create_iv ($size) { $iv = ''; for($i = 0; $i < $size; $i++) { $iv .= chr(rand(0,255)); } return $iv; } [/code] Re: Needing an explanation of SALT's 16 Years Ago by antwan1986 So just to clarify, it's not the login process that it is protecting, it's the database side of things i.e. if the cracker was able to get access to the database, right? Re: Needing an explanation of SALT's 16 Years Ago by uncle_smith [QUOTE=antwan1986;790427]So just to clarify, it's not the login process that it is protecting, it's the database side of things i.e. if the cracker was able to get access to the database, right?[/QUOTE] Correct. YOu can't protect the login process with any tricks. If a lame user uses password 12345, the its a good change a cracker will guess it… Re: Needing an explanation of SALT's 16 Years Ago by antwan1986 Thanks for all the help. Case solved! Re: Placement of hash/salt code in ASP.NET project? 10 Years Ago by Blueie That's great, thanks for letting me know. I will try the code by adding it to both the Register.aspx.vb and Login.aspx.vb files. Cheers. Re: Hash & Salt db connection settings (password)? 9 Years Ago by savedlema Thanks ryan...I have been confused with people online who says encryption will not be good its not safe....and others telling me the opposite. Thanks for the link, I'm reading the article.