NightDream
Apr 25, 2020, 12:51:23 PM4/25/20
to dotCMS User Group
Hi everyone, is there any API to compare hash?
What I'm trying to achieve is user cannot change back the password that have been used.
The password cannot be recycle used.
Scenario
1) User change the password from "hello" (Hash "safewrwr3") to "abc123" (Hash "iksnafjihe132")
2) System store the hash ("safewrwr3") on passwordtracker database to be compare later.
3) User change the password from "abc123" to "hello" (Hash "kasdf") again. <--- The problem is "hello" hash no longer "safewrwr3". I cannot track back the old password.
How do I compare password "hello" (Hash "safewrwr3") with "hello" (Hash "iksnafjihe132")?
Below is the method to use hash a password.
PasswordFactoryProxy.generateHash(unEncryptedPassword)Thanks
Nathan Keiter
Apr 27, 2020, 9:16:36 AM4/27/20
to dot...@googlegroups.com
For a one-way hash to work, the hash must return the same value every time. Otherwise the user wouldn't be able to login.
You should see the same result with the same input... perhaps you are using the wrong method?
Encryptor encryptor = EncryptorFactory.getInstance().getEncryptor();
String result = encryptor.digest( password );
Nathan I. Keiter | Lead Network Applications Programmer | Benefits Advisory Council Member | I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
https://www.gettysburg.edu<https://www.gettysburg.edu/>
________________________________
From: dot...@googlegroups.com <dot...@googlegroups.com> on behalf of NightDream <zuri...@gmail.com>
Sent: Saturday, April 25, 2020 12:51 PM
To: dotCMS User Group
Subject: [dotcms] User Password Hash Compare
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
________________________________
--
http://dotcms.com<https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fdotcms.com&c=E,1,lD4k2hxX5do9o72Uzqv-NRGHKnzvGpU4ch5WXHqWI-CmPPLvqpAKH2Ba5Oll889q143t98yzTUM5CsSxdX7PYO7aIPNLl_VauX2W2Gq8lril&typo=1> - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com<mailto:dotcms+un...@googlegroups.com>.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/c9575d8c-b22c-4485-9009-956335fe5cd3%40googlegroups.com<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fgroups.google.com%2fd%2fmsgid%2fdotcms%2fc9575d8c-b22c-4485-9009-956335fe5cd3%2540googlegroups.com%3futm_medium%3demail%26utm_source%3dfooter&c=E,1,Y_0jhRyH-zo8D8GYb4ZP2zAKry3eJ9mMI1mo4K04ytCzfbldX9xzGRVZC1xXsSyLsHpBp_JYL-K1w90uptUgj8eaZo_g9BVjU3VveGeSvHs0-M3pvg,,&typo=1>.
You should see the same result with the same input... perhaps you are using the wrong method?
Encryptor encryptor = EncryptorFactory.getInstance().getEncryptor();
String result = encryptor.digest( password );
Nathan I. Keiter | Lead Network Applications Programmer | Benefits Advisory Council Member | I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
https://www.gettysburg.edu<https://www.gettysburg.edu/>
________________________________
From: dot...@googlegroups.com <dot...@googlegroups.com> on behalf of NightDream <zuri...@gmail.com>
Sent: Saturday, April 25, 2020 12:51 PM
To: dotCMS User Group
Subject: [dotcms] User Password Hash Compare
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
________________________________
http://dotcms.com<https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fdotcms.com&c=E,1,lD4k2hxX5do9o72Uzqv-NRGHKnzvGpU4ch5WXHqWI-CmPPLvqpAKH2Ba5Oll889q143t98yzTUM5CsSxdX7PYO7aIPNLl_VauX2W2Gq8lril&typo=1> - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com<mailto:dotcms+un...@googlegroups.com>.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/c9575d8c-b22c-4485-9009-956335fe5cd3%40googlegroups.com<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fgroups.google.com%2fd%2fmsgid%2fdotcms%2fc9575d8c-b22c-4485-9009-956335fe5cd3%2540googlegroups.com%3futm_medium%3demail%26utm_source%3dfooter&c=E,1,Y_0jhRyH-zo8D8GYb4ZP2zAKry3eJ9mMI1mo4K04ytCzfbldX9xzGRVZC1xXsSyLsHpBp_JYL-K1w90uptUgj8eaZo_g9BVjU3VveGeSvHs0-M3pvg,,&typo=1>.
NightDream
Apr 28, 2020, 12:33:22 PM4/28/20
to dotCMS User Group
Alright thanks, will use this method instead
To unsubscribe from this group and stop receiving emails from it, send an email to dot...@googlegroups.com<mailto:dotcms+unsub...@googlegroups.com>.
Reply all
Reply to author
Forward
0 new messages