Difference between #2 and #3 of
Secure password hashing with bCrypt

Revision #3 has been created by Ivo Pereira on Nov 29, 2012, 2:25:30 AM with the memo:

salsa20 was being used as the algorithm, however since PHP 5.4 it was removed. I've replaced it by sha512.
« previous (#2)

Changes

Title unchanged

Secure password hashing with bCrypt

Category unchanged

How-tos

Yii version unchanged

Tags unchanged

security, password, hash, hashing, bcrypt, login

Content changed

[...]
$key = uniqid($this->prefix, true);

// 12 rounds of HMAC must be reproduced / created verbatim, no known shortcuts.
// Salsa20 returns more than enough bytes.
for($i = 0; $i < 12; $i++) {
$bytes = hash_hmac('salsa20ha512', microtime() . $bytes, $key, true);
usleep(10);
}
}
return $bytes;
}
[...]
5 0
9 followers
Viewed: 38 141 times
Version: 1.1
Category: How-tos
Tags: bcrypt, hash, hashing, login, password, security
Written by: waitforit
Last updated by: Ivo Pereira
Created on: Dec 20, 2011
Last updated: 11 years ago
Update Article
Revert to #2 | Revert to #3

Revisions

View all history