bcrypt is a key derivation function for passwords designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power.
Questions tagged [bcrypt]
7 questions
1
vote
2 answers
EC2 AWS Instance not building bcrypt dependency
I'm posting this here as it's clearly a server configuration issue rather than a code issue.
I've got an application working on my local Windows PC, however when trying to run:
npm install bcrypt
on an AWS EC2 server (RHEL), I get the following…
Wayneio
- 121
- 5
1
vote
0 answers
Enable bcrypt hashes for /etc/shadow in RHEL, CentOS, or Amazon Linux
Is it possible to add bcrypt support for system accounts (e.g., in /etc/shadow) in Amazon Linux? (Which is in turn binary compatible with RHEL5 and CentOS 5)
This only looks like a duplicate of this question. The body and accepted answer for that…
Jeremy Wadhams
- 877
- 2
- 9
- 19
1
vote
2 answers
Store password AES encrypted in MySQL after creating a bcrypt hash
I am building an application and storing user passwords in a table in MySQL. I am already using bcrypt but wondering, does it make any senses to AES_ENCRYT() the hashed password before storing into the database?
Example:
$bcrypt = new…
Justin
- 5,328
- 19
- 64
- 84
1
vote
2 answers
Use bcrypt password hashing with OpenLDAP (slapd)
I have an OpenLDAP LDAP server on Debian 9 (through the slapd package, v2.4.44). We use crypt for password authentication. Currently the scheme is SHA512: $5$....
The setup is pretty much as described in this question: How to use SHA-256 hashed (and…
Roberto
- 193
- 1
- 9
0
votes
1 answer
How do authentication servers handle thousands of CPU intensive logins?
Apologies if the answer is obvious, I'm just a little curious and couldn't nail down an answer elsewhere.
I'm used to seeing authentication servers use simple SHA-1 or SHA-256 to validate credentials, but best-practise these days is normally to use…
adelphus
- 101
- 1
0
votes
3 answers
How to add support of bcrypt to mysql?
Following this answer mysql does not support bcrypt because system does not support them either.
How to add support of bcrypt to Debian to MySQL?
sectus
- 139
- 1
- 8
0
votes
0 answers
Modern alternative for pam_userdb (for use with vsftpd)
Quite some years ago, I setup a vsftpd server with virtual users, according to some howtos (still) to be found on the internet, using pam_userdb.
Like this: A file called /etc/pam.d/vsftpd.virtual:
#%PAM-1.0
auth required pam_userdb.so…
Tobias Leupold
- 161
- 10