Skip to main content
599 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
0 votes
1 answer
92 views

Below is HashingHelper.CreatePasswordHash() function I use to create passwordHash and passwordSalt during the Register action. I write this data into DB and when user wants to login I read from DB and ...
WowDogeCode's user avatar
  • 29
0 votes
0 answers
47 views

I am creating an api that would allow users of my wordpress website to also login from a mobile device (I am making use of fast-api). but I cannot figure out how to hash the password from python so ...
Anthony Aniobi's user avatar
  • 367
1 vote
2 answers
352 views

I recently upgraded bcryptjs to version ^3.0.0 in my Node.js project and encountered the following error while trying to hash a password: const bcrypt = require("bcryptjs"); const password =...
Nijat Aliyev's user avatar
  • 1,052
-1 votes
1 answer
101 views

I'm working on a login page and the password_verify() always returns false when getting the hash from the DB but prints true when using static values Here's my code : <?php require_once "ID....
Max Lhrm's user avatar
  • 1
0 votes
0 answers
29 views

I'm doing a basic Python Flask application with a Postgres database using psycopg2. I'm having trouble setting up the user registration password hash as it appears I'm working with a string vs byte ...
jazzmasterkc's user avatar
  • 399
0 votes
1 answer
148 views

I am using this Argon2 library in Rust for password hashing: https://docs.rs/argon2/latest/argon2/ let salt = SaltString::generate(&mut OsRng); let argon2 = Argon2::default(); let password_bytes = ...
sudoExclamationExclamation's user avatar
  • 9,061
0 votes
0 answers
47 views

I know I registered " 1 " as the password but as I check the password stored in the DB using password_verify(), it can't be recognized correctly. Can someone point out what I did wrong? If I ...
mynameiswadey's user avatar
  • 21
0 votes
0 answers
28 views

I am creating a login page for my new project. When logging in, the password can't match. It says Invalid password. This is my code. <!DOCTYPE html> <html lang="en"> <head&...
don Maleesha's user avatar
  • 1
1 vote
0 answers
48 views

This might be a stupid question and out of habit I wouldn't add a unique constraint to password hashes when stored in a database. However, I thought a bit about it and probably confused myself why ...
Skru's user avatar
  • 135
0 votes
0 answers
119 views

I am making a login route with jwt token and express. When I create an account, the password is hashed by bcrypt. When I log in, I need to compare them. I tried with simplest password but it didn't ...
Vishesh Gupta's user avatar
  • 13
0 votes
1 answer
300 views

Intro A common technique to securely hash passwords is to use salting and peppering. Salt comes from the database and pepper comes from the server. This means that both salting and peppering are ...
Ebbe Wertz's user avatar
  • 1
1 vote
0 answers
98 views

I'm traing to check a password validation without do login in a Laravel 10 project, but the function 'check' returns false, moreover, I can do login with the same password. I Don't know why return ...
Michu's user avatar
  • 170
1 vote
1 answer
220 views

I have a simple Hash class used to learn the ins-outs of the Password4j library. However, I seem to be getting different results with the same inputs--I call Password.hash(...) with same clear text, ...
Dave Lowe's user avatar
  • 431
-1 votes
1 answer
66 views

If I save the password to the database as a hash in the configuration file of the application or in the code for security reasons, how does the application connect to the database if it does not ...
Leo's user avatar
  • 1
0 votes
0 answers
44 views

I use password_hash and password_verify. Everything is working well the password is welled send in the database it goes retieve it well. Both the hash password and unhash are the same, but still it ...
Farid Alma's user avatar
  • 1
0 votes
0 answers
93 views

I've made a class that hashes a password to store in the database, and it is a singleton, since I do not want to make an instance of it every time I'm going to use, because it does not change. I've ...
Carlos Saraiva's user avatar
  • 41
0 votes
0 answers
37 views

Im trying to make a create user/login, but when I try to check if the input password is wrong, I get the same invalid input echo message even though the password I enter is correct. When a user gets ...
chrida's user avatar
  • 1
-1 votes
1 answer
79 views

I am new to this, and I want to know if I've coded this correctly. If so, how would I then go about storing the hashed password on a database? import hashlib import os password = input("Create ...
NukaWinter's user avatar
  • 1
1 vote
2 answers
75 views

I have downloaded https://github.com/alecgn/crypthash-net and moved it to the project's folder.This project is saved in main.cpp. #include <CryptHash/CryptHash.h> #include <bcrypt.h> using ...
Avantika eng's user avatar
  • 11
0 votes
0 answers
92 views

I am using XenForo [2.2.13]. Currently, the PasswordHash class handles password generation and verification using a custom algorithm and what I want to do is to modify that class to change or remove ...
Juan Agudelo's user avatar
  • 11
0 votes
1 answer
121 views

In C#, there's a method called VerifyHashedPassword(). This does not take a hashing algorithm. In T-SQL, there's a method HashBytes(), which does require that you pass the hashing algorithm. I am ...
tharpa's user avatar
  • 49
-2 votes
1 answer
1k views

Anyone know how to generate Hashes with the command line on Linux? I have to generate a Hash with SHA1 + salt= Password:Cat Salt:XN10Zj2c and a Hash with MD4= Password:Cat Thank you for your help!
Kiwi's user avatar
  • 1
0 votes
1 answer
77 views

I'm trying to create a simple login against my database to verify a user. For whatever reason Bcrypt.checkpw shows false when a true statement is expected. I am at a loss for words why this is the ...
radriaansNES's user avatar
  • 9
0 votes
0 answers
148 views

how to make decryption of HashPassword BCrypt in VB.NET?. the problem is If the user forgets the password then I can do decryption from HashPassword stored in the database or is there any other ...
user avatar
0 votes
0 answers
42 views

I'm making a register page for my website. I wanted to hash the password before send it to the database. Therefore, I used the password_hash() method. But this method gives different results with same ...
leoboran123's user avatar
  • 11
0 votes
1 answer
91 views

I considered the traditional password hashing: https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords/31846#31846 However, bitcoin has a way of letting people use human ...
prime's user avatar
  • 35
1 vote
2 answers
99 views

I have the following code with a userpassword contains a blow fish secret and the user password itself. The hash is another (not the secret and the password!!) but i still got a true as result: <?...
marcfunk's user avatar
  • 11
0 votes
0 answers
45 views

I am trying to use password_verify in a project and despite using this function before without any issues, it is no longer working for me. I feel like I am overlooking something really small. ...
Brandon Lisonbee's user avatar
  • 1
1 vote
0 answers
464 views

The ARGON2 password scheme is working successfully, but whenever I start/restart slapd it fails to recognize ARGON2 scheme. Output of journalctl -xeu slapd.service: Jun 23 17:21:53 mail slapd[3932159]:...
guhidfelleira's user avatar
  • 11
-5 votes
1 answer
230 views

Basically title, I've been tasked with creating a login system for a website, however they want an administrator to create the credentials given who should and shouldn't be accessing the locked parts ...
Darik Washeare's user avatar
  • 3
0 votes
2 answers
1k views

I am actually using Ansible to create user, with passwords stored in an Ansible Vault. However, I've encountered an issue where the passwords, despite being in the Ansible Vault, are displayed in ...
Mrbibi38's user avatar
  • 38
-1 votes
1 answer
102 views

So one of the basic rules of website authentication is never to write unencrypted passwords to the database. I typically put in functionality to hash passwords when user accounts are created, so that ...
Cmaso's user avatar
  • 1,113
5 votes
1 answer
4k views

My web application issues API keys to clients and I want to hash the API key in my database. However, it seems that if I follow best practices, whereby every hash has a different salt, then I cannot ...
poundifdef's user avatar
  • 19.5k
1 vote
1 answer
1k views

I'm trying to write password hashing code and encountered a problem with hashing methods, then created this test code to see what exactly is happening. The method first generates a password salt and ...
Val's user avatar
  • 1,882
0 votes
1 answer
727 views

I have always an error when I'm trying to create a user from postman: { "message": "Users validation failed: password: Cast to string failed for value "Promise { }" (type ...
Berk Disli's user avatar
  • 1
2 votes
0 answers
544 views

I'm working on a password manager app and i want to hash passwords with Fernet, the idea is that I'm writing a password into a file hashed then retrieve it when the user asks here is my code note : ...
ali nasser's user avatar
  • 33
0 votes
0 answers
347 views

I have a simple App to authenticate a user login. I wrote a test password script to ensure the authentication is working. However, it never succeeds even though it should for my testcase. Here is the ...
Umberto Vizcaino's user avatar
  • 21
0 votes
2 answers
1k views

To go straight to the point I just started using Codeigniter 3 and I am building a login system but I don't know how to implement a BCRYPT hashing algorithm for the password. Here's the controllers &...
user avatar
0 votes
0 answers
291 views

im currently learning how to make a working multi level login using code igniter using multi table because every type of user have some uniqueness and i tried to use md5 in the past but someone tell ...
Tatsuya's user avatar
  • 11
2 votes
0 answers
492 views

I tried asking this question on security.stackexchange, but it was marked as off-topic. So I figured it probably would fit more in on here. Here goes: I have just begun my bachelor's in IT security ...
Skoven's user avatar
  • 21
0 votes
0 answers
25 views

I'm trying to make a user login system where the password is hashed, I'm using this: function mk_password_hash($password) { $options = [ 'cost' => 12, ]; $...
medk's user avatar
  • 9,589
1 vote
0 answers
257 views

I want generate faker users with symfony with Datafixtures and I hash users password with "UserPasswordHasher" but when I run the command " php bin/console doctrine:fixtures:load" ...
Halit Cinici's user avatar
  • 21
0 votes
0 answers
85 views

For a customer (doctor) I have created a contact form. In the mailer.php configuration the email password is entered in plain text in an array. Of course, a doctor is not allowed to give me his ...
Hot Dog's user avatar
  • 35
1 vote
0 answers
31 views

I am trying to add a small proof of work function to protect a password from brute force attacks. The solution I have so far is based on the security iPhones have on their lock screen passcodes. I'm ...
Anters Bear's user avatar
  • 1,996
2 votes
0 answers
338 views

For the Python argon2 library, I would like a simple hash value that is not the hash of any actual password, and yet will raise argon2.exceptions.VerifyMismatchError rather than another exception when ...
bitinerant's user avatar
  • 1,651
0 votes
2 answers
1k views

In Django I have replaced the user model using (AbstractUser). Then in the admin panel area the fields are unordered. When generating a new user, the password is not encrypted, the user is saved with ...
Basilio Cristov's user avatar
  • 1
1 vote
1 answer
902 views

I am working on a project that has to store users passwords. With that password you can gain access to a user achievements and stuff so it's really important that you can not get the password even if ...
roee's user avatar
  • 105
0 votes
1 answer
676 views

I have encountered a problem in my sql script. I bought an sql script online and I'm trying to work around the script but I can't add another admin to the database and I can't edit the admin password ...
Maxwell Manu's user avatar
  • 1
1 vote
1 answer
250 views

I'm running the picoCTF PW Crack 5 gym challenge, but it is slow to iterate through the password list they provide for the challenge. Below is the code I'm using in the script to solve the challenge ...
Ryukashin's user avatar
  • 25
0 votes
4 answers
1k views

When a User registers, I run the password they input through CreateHash() - see below. I then get passed back a Dictionary<string, string> with the Hash and the Salt in it which I then store in ...
joehelsing's user avatar
  • 93

1
2 3 4 5
12