• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: quick pwd hash?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: quick pwd hash?


  • Subject: Re: quick pwd hash?
  • From: Ramsey Gurley <email@hidden>
  • Date: Tue, 05 Feb 2013 08:27:10 -0700

Example usage of BCrypt

final String password = "suparSekrit";
final String salt = BCrypt.gensalt(10); //between 1 and 30. Each increment ~ doubles cpu load.
final String hash = BCrypt.hashpw(password, salt); //one way hash
boolean match = BCrypt.checkpw(password, hash); //match is true
boolean nomatch = BCrypt.checkpw("wrong password", hash); //nomatch is false

Ramsey

On Feb 5, 2013, at 8:13 AM, Jesse Tayler wrote:

>
> Like.
>
> Wait - BCrypt not available from MessageDigest?
>
> 	NoSuchAlgorithmException: BCrypt MessageDigest not available
>
> I seem to be using MessageDigest to crypt MD5 or SHA1 ok…
>
>
> On Feb 4, 2013, at 5:07 PM, Ramsey Gurley <email@hidden> wrote:
>
>> Specifically
>>
>> er.extensions.crypting.BCrypt
>>
>> You don't want a quick hash, you want a computationally expensive hash for handling login.
>>
>> http://codahale.com/how-to-safely-store-a-password/
>>
>> Ramsey
>>
>> On Feb 4, 2013, at 12:34 PM, Tim Worman wrote:
>>
>>> er.extensions.crypting
>>>
>>> Tim
>>> UCLA GSE&IS
>>>
>>> On Feb 4, 2013, at 11:29 AM, Jesse Tayler <email@hidden> wrote:
>>>
>>>>
>>>> doesn't Wonder have a quick hash (sha1 maybe?) for handling user login?
>>>>
>>>> can't seem to spot it--
>>>>
>>>>
>>>> _______________________________________________
>>>> Do not post admin requests to the list. They will be ignored.
>>>> Webobjects-dev mailing list      (email@hidden)
>>>> Help/Unsubscribe/Update your Subscription:
>>>>
>>>> This email sent to email@hidden
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Webobjects-dev mailing list      (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden


References: 
 >quick pwd hash? (From: Jesse Tayler <email@hidden>)
 >Re: quick pwd hash? (From: Tim Worman <email@hidden>)
 >Re: quick pwd hash? (From: Ramsey Gurley <email@hidden>)
 >Re: quick pwd hash? (From: Jesse Tayler <email@hidden>)

  • Prev by Date: Re: quick pwd hash?
  • Next by Date: Re: WOCommunity Association is now a non-profit corporation
  • Previous by thread: Re: quick pwd hash?
  • Next by thread: Re: quick pwd hash?
  • Index(es):
    • Date
    • Thread