UOTS-Owner Posted December 29, 2021 Posted December 29, 2021 hello, I'm after a sql so when a user logs in their password is updated from the current hash back to md5 please. Or a code to check the password matches their current hash password when logging in. Quote
AdamHull Posted December 29, 2021 Posted December 29, 2021 How do you hash currently? I would never revert back to md5 as this is insecure Quote
Dayo Posted December 29, 2021 Posted December 29, 2021 Why would you ever want to hash back to md5 almost every other hashing method is better Quote The MD5 message-digest algorithm is a cryptographically broken but still widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database, and may be preferred due to lower computational requirements than more recent Secure Hash Algorithms algorithms.[3] https://en.wikipedia.org/wiki/MD5 Quote
Maz Posted October 4, 2023 Posted October 4, 2023 On 12/29/2021 at 5:16 PM, UOTS-Owner said: Or a code to check the password matches their current hash password when logging in. Same advice as above: keep the password hashed. It's the better option and you are not prohibiting that in your question but we need to know more about the platform you are using. Which language? Do you use a framework? How did you hashed the password when you stored it into the database (with a salt step?) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.