GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Tech User authentification / login issue (password hash)

zijlstravideo · 07-02-2022, 03:47 PM

Or... do you take the user input (password) from the form, then hash it using Bcrypt, before submitting the form?

It's a bit of a weird logic. Usually you take the raw input on submit, then after submit you'd hash it and compare those two hashes.

I think the problem now might be this: If the password is 'dildo', the Bcrypt hash is '$2a$10$F0eXLChOzrgQXlIL0hFdxOVQ9Y6it3dXIRGueIB54t cHqPvUUeUMO'

When you take that hash as input using $_POST, isn't php replacing the $2a, $10 parts etc with nothing, because these variables don't exists?

07-02-2022, 03:47 PM
zijlstravideo Confirmed User Industry Role: Join Date: Sep 2013 Location: The Netherlands Posts: 805	Or... do you take the user input (password) from the form, then hash it using Bcrypt, before submitting the form? It's a bit of a weird logic. Usually you take the raw input on submit, then after submit you'd hash it and compare those two hashes. I think the problem now might be this: If the password is 'dildo', the Bcrypt hash is '$2a$10$F0eXLChOzrgQXlIL0hFdxOVQ9Y6it3dXIRGueIB54t cHqPvUUeUMO' When you take that hash as input using $_POST, isn't php replacing the $2a, $10 parts etc with nothing, because these variables don't exists? __________________ Contact: email