View ProjeQtOr On SourceForge.net
ProjeQtOr - Project Management Tool
Supportez nous sur Capterra
OIN - Open Invention Network
ProjeQtOr free project management software - how password are encrypted - ProjeQtOr

Prochaines Sessions

Les prochaines formations et démonstrations sont ouvertes, inscrivez-vous rapidement !

 

Démonstration de ProjeQtOr

(gratuit, sur inscription)
 

13 mai 2025 (10h30-12h)

5 juin 2025 (16h-17h30)

  
 

Planifiez avec ProjeQtOr

15 et 16 avril 2025 (9h-12h30)

14 et 15 mai 2025 (9h-12h30)

  
 

Administrez avec ProjeQtOr

23 et 24 avril (9h-12h30)

20 et 21 mai (9h-12h30)

  

 

 

how password are encrypted

More
25 Jui 2019 09:45 #1 by sogeti
how password are encrypted was created by sogeti
Hi,

Im searching how password are encrypted in the table [resource], column [password] in projeqtor database (mh5, sh256..)

Could you help me ?

Benjamin

Please Connexion or Create an account to join the conversation.

More
25 Jui 2019 11:58 #2 by babynus
Replied by babynus on topic how password are encrypted
They are encrypted in a non bijective way : you cannot decrypt passwords.
To check password, we encrypt password given by user with same method and compare result with stored encrypted value (it is same process as for credit card code)
Babynus
Administrator of ProjeQtOr web site

Please Connexion or Create an account to join the conversation.

More
25 Jui 2019 13:59 #3 by sogeti
Replied by sogeti on topic how password are encrypted
Thanks for your reply.
For explication : We want to create a new application using informations in the report view (work planned, work imputed...) and use the login/password in the projeqtor database
This is why we want to use the same encryption method.

Please Connexion or Create an account to join the conversation.

More
25 Jui 2019 15:46 #4 by Envergus
Replied by Envergus on topic how password are encrypted
MD5

Please Connexion or Create an account to join the conversation.

More
25 Jui 2019 16:24 #5 by babynus
Replied by babynus on topic how password are encrypted

Envergus wrote: MD5

No, not so easy.
it is sha256 encryption of password with extra "salt" (randow key stored on user to reduce brute force attacks efficiency)

$this->password=hash('sha256',$paramDefaultPassword.$this->salt);

Babynus
Administrator of ProjeQtOr web site
The following user(s) said Thank You: Envergus

Please Connexion or Create an account to join the conversation.

More
25 Jui 2019 23:44 #6 by gohrner
Replied by gohrner on topic how password are encrypted
How about a future switch to the secure password hashing and verification functions PHP now offers?

secure.php.net/manual/en/function.password-hash.php secure.php.net/manual/en/function.password-verify.php

This will be significantly more secure, as sha256 hashes are comparatively quickly computed using modern graphics cards, allowing to break even non-trivial salted passwords just by brute-forcing them.

Please Connexion or Create an account to join the conversation.

Moderators: babynusprotion
Time to create page: 0.173 seconds

Paramétrages de cookies

×

Cookies fonctionnels

Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.

Session

Veuillez vous connecter pour voir vos activités!

Autres cookies

Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.

Login Form