Stack Overflow
Stack Overflow

Questions tagged [bcrypt]

bcrypt is an implementation of the Blowfish cipher and a computationally-expensive hash function mostly used for password hashing.

bcrypt is an implementation of the Blowfish cipher and a computationally-expensive hash function mostly used for password hashing.

Resources

2290 questions
57
votes
1 answer

What's the advantage of scrypt over bcrypt?

I'm looking at ways to securely store passwords. Some people claim that scrypt is "better" than bcrypt, and so far I've seen nobody who claims vice versa or that scrypt is insecure, though some call bcrypt "more reputable". What's the advantage of…
Hongli
  • 18,682
  • 15
  • 79
  • 107
56
votes
3 answers

Rails: "BCrypt::Errors::InvalidHash" when trying to sign in

I am trying to finish a project. I am working with user models. When I signup everything seems ok . But when I try to signin the same member I get this error. We're sorry, but something went wrong. heroku logs file shows error…
ytsejam
  • 3,291
  • 7
  • 39
  • 69
55
votes
2 answers

Bcrypt generates different hashes for the same input?

I just added a registration functionality to my new grails project. For testing it, I registered by giving an email and a password. I am using bcrypt algorithm for hashing the password before saving it to the database. However when I try to login…
adit
  • 553
  • 1
  • 4
  • 5
44
votes
3 answers

Comparing BCrypt hash between PHP and NodeJS

For an app I'm working on, nodejs needs to verify hashes created by PHP and vice-versa. The problem is, the hashes generated in PHP (via Laravel's Hash class, which just uses PHP's password_hash function) return false when tested in node.js. The…
wolfemm
  • 993
  • 3
  • 11
  • 16
44
votes
5 answers

Why BCryptPasswordEncoder from Spring generate different outputs for same input?

I am using BCryptPasswordEncoder with Spring security. My expectation was that for the same input I will always get the same output. But for the same input I get different output. You could test it with the code snippet below: String password =…
Bhavesh
  • 889
  • 1
  • 10
  • 16
43
votes
9 answers

Hash Password in C#? Bcrypt/PBKDF2

I looked up msdn and other resources on how to do this but i came up with no clear solutions. This is the best i found http://blogs.msdn.com/b/shawnfa/archive/2004/04/14/generating-a-key-from-a-password.aspx?Redirected=true I would like to hash…
user34537
40
votes
6 answers

How to compare plain text password to hashed password using bcrypt?

I would like to use bcrypt to hash passwords and later verify if a supplied password is correct. Hashing passwords is easy: import bcrypt password = u'foobar' password_hashed = bcrypt.hashpw(password, bcrypt.gensalt()) # then store password_hashed…
MFB
  • 19,017
  • 27
  • 72
  • 118
39
votes
4 answers

Error installing bcrypt with pip on OS X: can't find ffi.h (libffi is installed)

I'm getting this error when trying to install bcrypt with pip. I have libffi installed in a couple places (the Xcode OS X SDK, and from homebrew), but I don't know how to tell pip to look for it. Any suggestions? Downloading/unpacking bcrypt==1.0.2…
Cody
  • 2,467
  • 2
  • 21
  • 30
38
votes
2 answers

Can someone explain how BCrypt verifies a hash?

I'm using C# and BCrypt.Net to hash my passwords. For example: string salt = BCrypt.Net.BCrypt.GenerateSalt(6); var hashedPassword = BCrypt.Net.BCrypt.HashPassword("password", salt); //This evaluates to True. How? I'm not telling it the salt…
delete
35
votes
6 answers

What is an alternative for bcrypt to use with node?

I have tried for days to get bcrypt installed on my windows machine with no luck. One of the dependencies (Windows 7 SDK) does not want to be installed even though I have tried numerous suggestions from around the net it just refuses to cooperate. I…
Kory
  • 1,396
  • 3
  • 14
  • 31
33
votes
9 answers

Why do I get a bcrypt-ruby gem install error?

Getting an error when trying to install the gem devise, the installation is stopping on the gem bcrypt-ruby: $ gem install bcrypt-ruby Error installing bcrypt-ruby: ERROR: Failed to build gem native extension. I'm running OSX 10.6.7 with Ruby…
led
  • 361
  • 1
  • 4
  • 9
33
votes
4 answers

bcrypt.checkpw returns TypeError: Unicode-objects must be encoded before checking

I am calling bcrypt.checkpw to check unencrypted password matches with hashed password stored in the credential database, but receive TypeError: Unicode-objects must be encoded before checking How should I resolve this issue? Any suggestion? I…
user7153744
  • 331
  • 1
  • 3
  • 3
32
votes
2 answers

What's the most secure possible Devise configuration?

I'm about to start setting up an employees-only Rails application at our company for working with sensitive information. There will be a firewall, physical security measures, etc. My concern right now is the login process for the application. I'd…
Nathan Long
  • 122,748
  • 97
  • 336
  • 451
32
votes
8 answers

How to solve "Could not find any Python installation to use" with docker node alpine Image when adding bcrypt to package.json?

Before I added bcrypt to my package.json, everything was working fine. Now, I get the error message below. This is an excerpt of my package.json: "dependencies": { "bcrypt": "3.0.6", "express": "^4.17.1", "mongodb": "^3.3.1", …
Jens
  • 741
  • 2
  • 7
  • 15
32
votes
7 answers

Trying to hash a password using bcrypt inside an async function

Following on from this question. I feel like I'm almost there, but my incomplete understanding of async is preventing me from solving this. I'm basically trying to just hash a password using bcrypt and have decided to seperate out the hashPassword…
Modermo
  • 1,852
  • 2
  • 25
  • 46
1
2
3
99 100