How to validiate password

  • Hi,

    I'm trying to link an application to wbb3 and need to know how passwords are created in wbb3,
    I tried the following combinations but they didn't get me the correct values

    md5(userinput . user-salt)
    md5(md5(user-input) . user-salt)

    P.S. user-input comes from my login form, and user-salt comes from wbb3 database

    Edit, I guess I found my answer. following code returned the correct value for password (for me)

    and this worked

    if($getuser['password'] == getDoubleSaltedHash($loginpassword, $getuser['salt']))
    //$getuser['password'] is the password entered from login form

    Edited 2 times, last by esi ().

  • Hi,

    as you found out, StringUtil::getDoubleSaltedHash() is the solution. :)

    FSK 12 - Der Gute kriegt das Mädchen
    FSK 16 - Der Böse kriegt das Mädchen
    FSK 18 - Alle kriegen das Mädchen