We have a PHP class that reads the database on user credentials, rehash SHA1 => BCrypt as needed. Works great, however these days we are developing a WinForms app, and using Chilkat BCrypt assembly we are noticing weird effects to the rehashing procedure.
these are some functions I am using for password encryption and password verification. Was wondering if this is a good way to handle it. I am using the codeigniter framework.
This question has to do with PHP’s implementation of crypt(). For this question, the first 7 characters of the salt are not counted, so a salt ‘$2a$07$a‘ would be said to have a length of 1, as it is only 1 character of salt and seven characters of meta-data.
I am having a bit little bit of trouble understanding php’s crypt function. My PHP version is 5.4.7.
I have read the information provided on the PHP Manual Entry for crypt(), but I find myself still unsure of the format for a salt to trigger the Blowfish algorithm.
I use dovecot as my mail transfer agent and I aim to use the strongest password scheme which is supported by my system: SHA512-CRYPT or SHA256-CRYPT (BLF-CRYPT doesn’t work).
