[Melbourne-pm] Newbie crypto/bcrypt question

Simon Taylor simon at unisolve.com.au
Thu May 22 23:56:04 PDT 2014

Hi Alfie,

> Hi guys,
> Playing around with crypto and found the following weird. Can anyone
> explain why bcrypt_hash() is returning the same hashes for different
> plain-texts?

In my tests here it seems that wherever one of your passwords is made up 
of concatenations of the other, you get the same problem, ie:

   my @A = hashPassword1("x1z");
   my @B = hashPassword1("x1zx1zx1z");

It is possible that you're supposed to use a different salt for *each* 
call to bcrypt_hash() ?



More information about the Melbourne-pm mailing list