- @AndrewMoore so wait, the result of crypt($input, $this->getSalt()) is the same as $existingHash is what we got from the result of the first thing? this really makes no sense to me how these end up the same
- @AndrewMoore Hi! I'm trying to use this script, but I was wondering how do you check this against a stored hashed password in mysql? The hash is always changing even if it is the same word. I'm just trying to figure out what is the best way to check this through mysql? Thanks!
- @AndrewMoore could you comment on the differences between this: yiiframework.com/wiki/292/secure-password-hashing-with-bcrypt and your one above and say which one is better, thanks ;-)
- @AndrewMoore yeah, that's exactly how I'm trying to check for verification. I've even tried to echo the verify(), but it doesn't come out as true or 1. I hashed the user input, then I checked the database with user email to get the "hashed" password from registration, and checked it through verify.
- mt_rand() is seeded exactly the same way in 5.3 (getmypid() is available on all systems... And you should know that, you are a ZCE after all). Arguably, the benefits for a cryptographically secure salt here is extremely small; in hashing, the salt is not considered a secret. It is simply there to force the attacker to generate a different rainbow table per password (instead of using the same for all). Being able to guess the next salt gives no benefit to the attacker (it's in plain text in the hash).
- @AndrewMoore Hi, I've actually made a question regarding my issue, I was wondering if you may be able to spot something that I'm missing? I'm getting really desperate, and this is the only thing I need to do to go forth on my login page (stackoverflow.com/questions/11481199/…) Thank you so much!
- @andrewliu there's nothing wrong with the syntax of your code, the only reason it wouldn't work was if $chk_pass aren't what they're supposed to be ;-) soz i keep commenting on stuff aimed at the other guy looool i can teamview with you to help ya out if u wana ;p
- @AndrewMoore: I'm not saying it should be CS, but don't implement your own algorithm. I know how mt_rand() is seeded. But it uses that seed as input to a strong algorithm. As opposed to this RNG which invents its own algorithm and constantly uses the time. What's wrong with the MT that compels you to write your own algorithm?
- @AndrewMoore, thanks for posting this code. It takes ~10 seconds on my server for the output to return true. Can you explain what part of the code is dedicated to the delay? I don't mind a millisecond delay but my application doesn't require this level of slowness.
- @AndrewMoore I literally copy and pasted your code into a test.php file. So I guess $rounds=12? However, when I decreased it to $rounds=1, it still took ~10 seconds. Is there something else I need to do to get time<1sec? For a consumer web application 10sec is too much time.
- Oh my god. Don't use crypto code that isn't uploaded to somewhere tied to, approved by, and peer-reviewed by people you can identify as real authorities on crypto. This isn't about open vs. closed source. Wherever it's uploaded to should offer visibility of the reviewed and verified source. This is about acknowledging that most of us don't have the chops to critique crypto, and not letting the blind lead the blind. I'm seriously supposed to rely on anonymous upvotes on a wiki to tell me whether I'm compromising my customer's data? Cause that's all non-crypto experts can do with this.
- @MichaelLang: Good thing crypt() is peer-reviewed and verified then. The code above calls PHP's crypt(), which calls the POSIX crypt() function. All the code above does more is generating a random salt (which doesn't have to be cryptographically secure, the salt isn't considered a secret) before calling crypt(). Maybe you should do a little research yourself before calling wolf.
- @AndrewMoore Man, I'm sorry. I have been doing research. I just made a mistake and mistook your salt generating code for the hash creation. Maybe you could pull out the salt generation? I get really uneasy when I imagine people getting in the habit of copy/pasting a big pile of crypto code. It takes an attentive eye to distinguish what you did from the things that spawned this debate here: news.ycombinator.com/item?id=2654586
- @AndrewMoore And now I know that bcrypt is opinionated about its salts, so nevermind on the salt generation comment. I'm not sure what to do with this, but trying to think about how to edit the answer to make it clear that when you call crypt with a salt constructed a particular way, you get a bcrypt hash. I'm busy checking my work though cause I want to get it right. A statement like "crypt with a fancy salt is bcrypt (as long as its supported)" is a lot easier to verify is BS or not than analyzing and researching why code is like it is.
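
An added example, not part of the comment thread and not the answer author's code: it shows why a bcrypt hash changes on every call yet still verifies, because `crypt()` takes the prefix, cost and salt from the stored hash itself. The helper names `makeBcryptSetting`, `hashPassword` and `verifyPassword` and the sample password are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: build a bcrypt "setting" string for crypt().
// Layout: "$2y$" + two-digit cost + "$" + 22 salt characters from ./A-Za-z0-9
function makeBcryptSetting(int $cost = 10): string
{
    $salt = substr(strtr(base64_encode(random_bytes(16)), '+', '.'), 0, 22);
    return sprintf('$2y$%02d$%s', $cost, $salt);
}

// Hypothetical helper: hash a new password with a fresh random salt.
function hashPassword(string $password, int $cost = 10): string
{
    $hash = crypt($password, makeBcryptSetting($cost));
    if (strlen($hash) !== 60) {            // crypt() returns "*0"/"*1" on failure
        throw new RuntimeException('bcrypt is not available');
    }
    return $hash;
}

// Hypothetical helper: verify a login attempt against the stored hash.
function verifyPassword(string $input, string $storedHash): bool
{
    // crypt() reads algorithm, cost and salt from the front of $storedHash,
    // so the same password reproduces the same 60-character string.
    $candidate = crypt($input, $storedHash);
    return strlen($candidate) === 60 && hash_equals($storedHash, $candidate);
}

$password = 'correct horse battery staple';   // constructed sample input
$first  = hashPassword($password);
$second = hashPassword($password);

// Same password, different salts: the two stored strings differ, so a SQL
// "WHERE password = ..." test against a freshly computed hash cannot match.
echo "hashes differ:   ", var_export($first !== $second, true), PHP_EOL;

// The first 29 characters are the setting (prefix, cost, salt) in plain text.
echo "setting in hash: ", substr($first, 0, 29), PHP_EOL;

// Verification: fetch the stored hash by e-mail or user id, then recompute in PHP.
echo "right password:  ", var_export(verifyPassword($password, $first), true), PHP_EOL;
echo "other hash too:  ", var_export(verifyPassword($password, $second), true), PHP_EOL;
echo "wrong password:  ", var_export(verifyPassword('guess', $first), true), PHP_EOL;
```

On PHP 5.5 and later, the built-in `password_hash()` and `password_verify()` cover the same hashing and verification steps.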