Password authentication for web and mobile apps by Dmitry Chestnykh

Author:Dmitry Chestnykh
Language: eng
Format: epub
Published: 2020-05-29T00:00:00+00:00

Note that as warned above, for bcrypt and implementations of other password hashes that accept NUL-terminated strings, you will need to encode the prehash before inputting it into the password hash (for example, encode it in hex or Base64).

Prehashing suits bcrypt more, since it also solves the limited password length problem, and since the length of salt in bcrypt is fixed, so concatenation will not work with it.

For PBKDF2, scrypt and yescrypt you can simply concatenate the pepper with the salt:

newSalt = CONCAT(pepper, salt) hash = scrypt(prehash, newSalt, N, r, p)

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.