var password = crypto.createHash('sha256').update(data.password).digest('base64');
var salt = md5(uniqid() + 'secret');
I want to reverse the hash
For example I got:
dorZJ+jKH8z29WYXf/+NOiuQYpj3UZDPdr05mj3bN4s=
For babylone as a password!
Asked
Active
Viewed 582 times
-2
Saugat
- 1,309
- 14
- 22
user7661923
- 1
- 2
-
2You cannot reverse hashes. – Luud van Keulen Apr 19 '17 at 09:57
-
This is not how hashes work. They are one-way. – NullDev Apr 19 '17 at 09:58
-
Off topic: But you just revealed your password. Never do that! :P :D – Saugat Apr 19 '17 at 10:01
-
Just using a hash function is not sufficient and just adding a salt does little to improve the security. Instead iIterate over an HMAC with a random salt for about a 100ms duration and save the salt with the hash. Use a function such as `PBKDF2`, `Rfc2898DeriveBytes`, `password_hash`, `Bcrypt` or similar functions. The point is to make the attacker spend a lot of time finding passwords by brute force. – zaph Apr 19 '17 at 13:07
1 Answers
0
the point of a hash is that it is not reversible, but with the same input it will always give the same output.
To verify the hash against a password, you just have to generate a hash from that password and compare the two.
DoXicK
- 4,784
- 24
- 22
-
-
@user7661923 `var password = ......`, so it's now in the variable `password`, base64-encoded – DoXicK Apr 19 '17 at 10:15
-
Just using a hash function even with a salt is not sufficiently secure, see the comment to the question fr details. – zaph Apr 19 '17 at 13:09