Passwords with Salt

[Tad Marko]

I've read a couple of things that imply that I can use salted passwords with vt-password, but I cannot find an example showing how this is done. Can someone point me to an example using salted password hashes along with HistoryRule to limit password reuse?

Thanks,
Tad

[Daniel Fisher]

On Tue, Apr 8, 2014 at 4:41 PM, Tad Marko <t...@markoland.net> wrote:

I've read a couple of things that imply that I can use salted passwords with vt-password, but I cannot find an example showing how this is done. Can someone point me to an example using salted password hashes along with HistoryRule to limit password reuse?

I don't think we have any examples other than what is in the test source.

vt-password does support salted hashes, but only if they are appended.

Here is an example:

    HistoryRule rule = new HistoryRule();

    rule.setDigest("SHA-1", new Base64Converter());

    List<String> history = new ArrayList<String>();

    history.add("sha1-base64-salted-password");

    PasswordData pd = new PasswordData(new Password("password-to-test"));

    pd.setPasswordHistory(history);

    RuleResult result = rule.validate(pd);

--Daniel Fisher