Comments (3)
An important consideration, I'm pretty sure I selected $2a$
to maximize compatibility, particularly with py-bcrypt since $2y$
was custom to the C lib. However now that $2b$
is a "standard" prefix too, py-bcrypt might either support it as well, or it might be sane to say we want to pick theoretical security over comparability.
from bcrypt.
I'm currently implementing bcrypt password usage in a project and wanted to drop my two cents after reading through jazzyb's changes. The hashes in my system are accessed both by Python and PHP. Where
php > $pwd = 'hello world';
php > $hasha = '$2a$12$CPeaPhxqTrBzJXP1KB1C/.t.2TJ7EzHhyCCmiLKAEKZovzmvdMwge';
php > $hashb = '$2b$12$CPeaPhxqTrBzJXP1KB1C/.t.2TJ7EzHhyCCmiLKAEKZovzmvdMwge';
php > $hashy = '$2y$12$CPeaPhxqTrBzJXP1KB1C/.t.2TJ7EzHhyCCmiLKAEKZovzmvdMwge';
php > var_dump(password_verify($pwd, $hasha));
bool(true)
php > var_dump(password_verify($pwd, $hashb));
bool(false)
php > var_dump(password_verify($pwd, $hashy));
bool(true)
from bcrypt.
I'm adding a check in my code to handle this issue if
from bcrypt.
Related Issues (20)
- Please provide precompiled package for python 3.11 HOT 4
- No version of bcrypt for Python 3.10 HOT 1
- Error when using bcrypt to salt and hash password HOT 1
- checkpw issue, I need some guide. HOT 4
- Python2.7 ImportError: cannot import name _bcrypt HOT 3
- Document packages bundled inside wheels HOT 2
- python 3.7.3 HOT 4
- "Illegal instruction" on Raspberry Pi Zero HOT 10
- new release needed for python 3.12 compatibility at build time HOT 9
- New release results in bcrypt break HOT 22
- I use `bcrypt` with `passlib` HOT 2
- Install [email protected]. 400 bad request HOT 1
- AttributeError: module 'bcrypt' has no attribute '__about__' with new 4.1.1 version HOT 20
- install 4.1.1 on M2 chip failed HOT 1
- Why is the macOS 11/12 wheel dropped? HOT 3
- The bcrypt.hashpw(val1, val2) function always produces the same output even if the values are different. HOT 4
- [4.1.1] ImportError: PyO3 modules compiled for CPython 3.8 or older may only be initialized once per interpreter process HOT 14
- new version on mipsel 32 bit Atomic error HOT 4
- Is BSD license applicable?
- RFE: is it possible to start making github releases?🤔 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bcrypt.