After seeing that default passwords generated by phpMyAdmin used mysql_native_password and therefore hashes didn’t changed when equal passwords where used, I updated one user’s password and set the hashing to SHA256.
I’m going to run SHA256 on a password + salt, but I don’t know how long to make my VARCHAR when setting up the MySQL database. What is a good length?
I’ve made encrypting of the password in my register script and they are stored in the database, and I have to use them to login, so I would want to use the unencrypted ones to login. I’ve read some of the threads in here but nothing is helping me. How can I add it in my login.php? The salt is also stored in the database.
I’m using php 8.0.11, i have to generate a SHA256 encrypted messagesignature.When i test the API in postman with javascipt code in Pre-request script it give the right encrypted messagesignature, i converted the script to php when i test it in php it sends a different wrong encrypted messagesignature (key & msg are fake) :
I’m making a php login, and I’m trying to decide whether to use SHA1 or Md5, or SHA256 which I read about in another stackoverflow article. Are any of them more secure than others? For SHA1/256, do I still use a salt?
I can make an HMAC using the following:
I use dovecot as my mail transfer agent and I aim to use the strongest password scheme which is supported by my system: SHA512-CRYPT or SHA256-CRYPT (BLF-CRYPT doesn’t work).
I play with digital signatures using node.js. For test purpose, I created a digital signature of some XML data, first using only SHA256, then using RSA-SHA256.
