How to validiate password

  • Hi,

    I'm trying to link an application to wbb3 and need to know how passwords are created in wbb3,
    I tried the following combinations but they didn't get me the correct values

    1. md5(user-input)
    2. md5(userinput . user-salt)
    3. md5(md5(user-input) . user-salt)

    P.S. user-input comes from my login form, and user-salt comes from wbb3 database

    Edit, I guess I found my answer. following code returned the correct value for password (for me)

    and this worked

    1. if($getuser['password'] == getDoubleSaltedHash($loginpassword, $getuser['salt']))
    2. //$getuser['password'] is the password entered from login form
  • Hi,

    as you found out, StringUtil::getDoubleSaltedHash() is the solution. :)

    FSK 12 - Der Gute kriegt das Mädchen
    FSK 16 - Der Böse kriegt das Mädchen
    FSK 18 - Alle kriegen das Mädchen