hash - Meteor,why same password after hashing, different string stored in database -

-

i found meteor default use sha-256 hash password. confused same password each account after hashing become different string stored in database. tell detail implementation, thx

per meteor docs, accounts-password uses bcrypt.

if @ source code of loginwithpassword, should able find out salt stored. second source, read masteram's answer laravel & meteor password hashing indicates meteor 2011 on uses $2y$ hash strings, i.e. php crypt_blowfish, uses

crypt_blowfish - blowfish hashing salt follows: "$2a$", "$2x$" or "$2y$", 2 digit cost parameter, "$", , 22 characters alphabet "./0-9a-za-z". using characters outside of range in salt cause crypt() return zero-length string. 2 digit cost parameter base-2 logarithm of iteration count underlying blowfish-based hashing algorithmeter , must in range 04-31, values outside range cause crypt() fail. versions of php before 5.3.7 support "$2a$" salt prefix: php 5.3.7 introduced new prefixes fix security weakness in blowfish implementation. please refer » document full details of security fix, summarise, developers targeting php 5.3.7 , later should use "$2y$" in preference "$2a$".

thus, $2y$ string in database, , extract salt it.


Comments

Post a Comment

Popular posts from this blog

c# - How Configure Devart dotConnect for SQLite Code First? -

-
can configure following sample code ? when run following code, error : no entity framework provider found ado.net provider invariant name 'devart.data.sqlite' setting in machine.config <system.data> <dbproviderfactories> <add name="dotconnect sqlite" invariant="devart.data.sqlite" description="devart dotconnect sqlite" type="devart.data.sqlite.sqliteproviderfactory, devart.data.sqlite, version=4.6.287.0, culture=neutral, publickeytoken=09af7300eec23701" /> </dbproviderfactories> </system.data> after add below block code in app.config <?xml version="1.0"?> <configuration>   <configsections> <!-- more information on entity framework configuration, visit http://go.microsoft.com/fwlink/?linkid=237468 --> <section name="entityframework" type="system.data.entity.internal.configfile.entityframeworksection, entit...
Read more

java - Copying object fields -

-
what best way of copying classes when need have 2 independent variables? have simple class: public class myclass { boolean = false; string b= "not empty"; } do need make method : assign(myclass data ) { a= data.a; b= data.b; } is there automatic method copy (duplicate) objects in java? do need make method : pretty close. instead of making method, should make constructor. such constructors called copy constructor , , create them this: myclass(myclass data) { = data.a; b = data.b; } and create copy of instance, use constructor this: myclass obj1 = new myclass(); myclass obj2 = new myclass(obj1); copy constructor can tedious : using copy constructor create deep-copy can tedious, when class has mutable fields. in case, assignment create copy of reference, , not object itself. have create copy of fields (if want deep copy). can go recursive. a better way create deep copy serialize , deserialize object. why not use clone()? ...
Read more

c++ - Clear the memory after returning a vector in a function -

-
i have function processes , stores lot of data in , returns results vector of class. amount of data stored in function tremendous , want clear storage memory of function after finished job. necessary (does function automatically clear memory) or should clear memory function? update: vector<customers> process(char* const *filename, vector<int> id) { vector<customers> list_of_customers; (perform actions) return list_of_customers; } variables defined locally within function automatically released @ end of function scope. destructors objects called, should free memory allocated objects (if objects coded correctly). example of such object std::vector . anything you've allocated new must have corresponding delete release storage. try avoid doing own allocation , use raii instead, i.e. containers or smart pointers.
Read more