security.auth.callback with BCrypt

dirkniemeierde Jan 21, 2013 9:52 AM

Hi,

I am using the security.auth.callback authentication since years very well. The problem is the clear type password in the database. Now I thought to use the BCrypt algorithm to generate a hash code for database storing. Has anyone configured out to use it? The problem is, that it is not possible to generate the the clear type pw from the hash code. It is only possible to compare the typed in pw with the hash code if it fits together.

TIA

Dirk

1. Re: security.auth.callback with BCrypt

dirkniemeierde Jan 22, 2013 6:30 AM (in response to dirkniemeierde)

Hi,
unfortunately nobody has answerd my question. But maybe I can concretize my question:
It is possible to use MD5 and base64 encoding for JAAS authenticate with hashed passwords in DB.

<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">base64</module-option>

Is there a way to use BCrypt algorithm?

TI
Dirk
Actions