Stack Overflow
Stack Overflow

Questions tagged [bcrypt-ruby]

The bcrypt Ruby gem provides a simple wrapper for safely handling passwords.

Bcrypt-ruby gem is a sophisticated and secure hash algorithm designed by The OpenBSD project for hashing passwords. The bcrypt Ruby gem provides a simple wrapper for safely handling passwords.

If you store user passwords in the clear, then an attacker who steals a copy of your database has a giant list of emails and passwords. Some of your users will only have one password -- for their email account, for their banking account, for your application. A simple hack could escalate into massive identity theft.

It's your responsibility as a web developer to make your web application secure -- blaming your users for not being security experts is not a professional response to risk.

Source: https://rubygems.org/gems/bcrypt-ruby

109 questions
0
votes
0 answers

Bcrypt and Rails finding an admin user just by entering password

I'm building an app that has 3 models (Customer, Points, Admin). Customer has Points, Points belong to Customer. Then Admin has user_name and password_hash as attributes, storing the passwords via Bcrypt. Once a customer searches themselves via…
ravip0711
  • 371
  • 5
  • 19
0
votes
1 answer

How to update password attribute with has_secure_password?

I used has_secure_password for the User model. Now I am trying to use AJAX to update some of the user's attributes, including password. However, it looks like with has_secure_password, the password attribute no longer exists, replaced by…
zkytony
  • 1,242
  • 2
  • 18
  • 35
0
votes
1 answer

BCrypt::Errors::InvalidHash in SessionsController#create

I've tried looking at previous questions and answers regarding this error, but the solutions didn't seem to work for me. The error is thrown on the line: if customer && customer.authenticate(params[:session][:password_digest]) I am able to Sign Up…
Sarahshuffle
  • 182
  • 2
  • 11
0
votes
1 answer

rake db:migrate is not working and giving an error in terminal

So im trying to run rake db:migrate and i get this error in the terminal? rake aborted! LoadError: cannot load such file -- bcrypt_ext C:/Users/Josh/loveapp/app/models/user.rb:4:in `' C:/Users/Josh/loveapp/app/models/user.rb:1:in `
Joshua Minchew
  • 35
  • 1
  • 5
0
votes
1 answer

Authenticate with bcrypt for change password

Well, I got a problem to authenticate the user at the moment of changing his/her password, I get the mail and password and run the self.authenticate, but it keep returning me nil I use the same format as when I log in. Here's the…
Felipe Eduardo Rojas
  • 3
  • 7
0
votes
0 answers

change password bcrypt with hash and salt on ruby on rails 4.2

I'm trying to change the user password using the gem bcrypt and the hash-salt method. Here's my code where i include my attempt to change password, but it gives me an error of a missing template. User Controller def create @user =…
Felipe Eduardo Rojas
  • 3
  • 7
0
votes
1 answer

Updating User password & email in separate forms but in same view

My goal is to create a profile page where the (logged in) user can choose to either update their email or their password (in separate forms so not both at the same time) without navigating away from the page. Updating one's email is as simple as…
michael
  • 167
  • 5
  • 23
0
votes
1 answer

Unable to install bcrypt-ruby, blocks upgrade of devise, "Failed to build native gem extension"

I'm on Mac OSX 10.10.2. In attempting to upgrade devise from 2.1.2 to 2.2.8 (by updating the version in the Gemfile), bundle install attempts to install bcrypt 3.1.10 and crashes with this output: …
Ali H
  • 779
  • 2
  • 9
  • 21
0
votes
1 answer

MYSQL Password Encryption with BCrypt

I'm automating the process of creating WordPress sites with a custom shell script. Is it possible to encrypt MYSQL passwords with BCrypt for WordPress? If so, what's the best way to approach this? Snippet: #!/bin/bash execute=" CREATE DATABASE IF…
Deidora
  • 1
  • 2
0
votes
3 answers

Installing bcrypt gem failed

gem install bcrypt Building native extensions. This could take a while... ERROR: Error installing bcrypt: ERROR: Failed to build gem native extension. /Users/mohit/.rvm/rubies/ruby-1.9.3-p547/bin/ruby extconf.rb creating Makefile make …
Ruby4Rails
  • 81
  • 1
  • 11
0
votes
1 answer

Ruby BCrypt password comparisons return incorrect evaluation

In order to store my user's passwords securely, I'm attempting to use BCrypt in my Sinatra/Ruby application. The following code is of my User model. require 'mongo_mapper' require 'bcrypt' # User model class User include MongoMapper::Document …
VVulf
  • 59
  • 5
0
votes
2 answers

My bcrypt gem isnt working

I have successfully installed bcrypt - 3.1.7, and bundle installed after that. However, the bcrypt gem doesnt show up in the list, when I try to bundle show bcrypt, it says: Could not find gem 'bcrypt'. Also, when I do: gem 'bcrypt', '~>…
Sara
  • 3
  • 1
0
votes
1 answer

Cannot get BCrypt autentication to work

I am trying to set up a simple iOS/Rails application where I can create a user and subsequently authenticate them using BCrypt. I have tried to follow BCrypt's instructions but my authentication process is not working. Very new to rails so I'm sure…
Benny B
  • 357
  • 1
  • 3
  • 13
0
votes
3 answers

"BCrypt::Errors::InvalidHash: invalid hash" with Omniauth Identity

I've a Rails 4 application with Omniauth Identity and on production I got some of this errors for some users(a few): BCrypt::Errors::InvalidHash: invalid hash I've tested all the identity password_digest with the method…
Axel Manzano
  • 87
  • 2
  • 11
0
votes
1 answer

How scalable is Bcrypt for a Rails website?

I know the whole point of Bcrypt is to be time expensive when hashing to limit practicality of a brute force attack. But, doesn't that make it inherently unscalable? For instance, one site I read was claiming that the cost factor in Bcrypt should be…
Jason Burgett
  • 117
  • 1
  • 10
1 2 3 4 5
6
7 8