[Melbourne-pm] Newbie crypto/bcrypt question
Simon Taylor
simon at unisolve.com.au
Thu May 22 23:56:04 PDT 2014
Hi Alfie,
> Hi guys,
>
> Playing around with crypto and found the following weird. Can anyone
> explain why bcrypt_hash() is returning the same hashes for different
> plain-texts?
In my tests here it seems that wherever one of your passwords is made up
of concatenations of the other, you get the same problem, ie:
my @A = hashPassword1("x1z");
my @B = hashPassword1("x1zx1zx1z");
It is possible that you're supposed to use a different salt for *each*
call to bcrypt_hash() ?
Cheers,
Simon
More information about the Melbourne-pm
mailing list