[RADIATOR] [Radiator] Problem with SHA hash

Alby alby26 at gmail.com
Wed Dec 21 08:16:12 CST 2011


Hello,
I'm storing in a SQL database the user's password in plain text format.
I've tried to switch to hashed password, which is of course a more secure
approach. I' ve some trouble with the SHA hash computation, because the one
that Radiator computes is different from the mine. In the user's manual,
there is an example that says that the SHA hash for the password "fred" is
"k1qAjger6rE9fhCrig+QPZ/HTrJhYWE=". In fact, if I put this hash in the
database, i can successfully log in with the password "fred". But using the
Digest::SHA Perl  module, the OpenSSL commands (echo -n "fred" | openssl
dgst -sha1) and some online tools the SHA hash for the password "fred" is
always the same (31017a722665e4afce586950f42944a6d331dabf) but different
from the one calculated by Radiator.
By the way, with the MD5 algorithm this problem does not exist, but I would
like to use SHA instead that is more secure.
I don't understand what I'm missing...
Thanks for your help
Regards,
Alberto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20111221/d1934a65/attachment.html 


More information about the radiator mailing list