hash password with md5 - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: hash password with md5 (/showthread.php?tid=641330)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: hash password with md5 (/showthread.php?tid=641330)
hash password with md5 - warningCode - 14.09.2017
I want to hash password with md5
how can i do?
Re: hash password with md5 - Zeth - 14.09.2017
If you are using MySQL, there is no need of any plugin, you just need to put md5 along with the the password like md5('%s') and you can also use salt with md5 to improve the security.
Re: hash password with md5 - Vince - 14.09.2017
MD5 has been proven insecure. Use the inbuilt SHA256_PassHash() function instead.
Re: hash password with md5 - warningCode - 14.09.2017
https://sampforum.blast.hk/showthread.php?tid=273088
instead of udb.
how can i do on it? md5 or sha256
Re: hash password with md5 - warningCode - 15.09.2017
Quote:
|
Originally Posted by warningCode
 https://sampforum.blast.hk/showthread.php?tid=273088
instead of udb. how can i do on it? md5 or sha256 |
Re: hash password with md5 - Meller - 15.09.2017
I'd suggest you to use SHA256 with a secret HASH, example:
PHP код:
SHA256_PassHash(password[], salt[], ret_hash[], ret_hash_len)
SHA256_PassHash("the input", ""ur secret hash/salt", password, sizeof password);
Re: hash password with md5 - Whatname - 15.09.2017
md5 is not that good
use whirlpool or sha256
Re: hash password with md5 - warningCode - 15.09.2017
Quote:
|
Originally Posted by Meller
I'd suggest you to use SHA256 with a secret HASH, example:
PHP код:
|
Код:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
switch( dialogid )
{
case DIALOG_REGISTER:
{
if (!response) return Kick(playerid);
if(response)
{
if(!strlen(inputtext)) return ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_INPUT, ""COL_WHITE"Registering...",""COL_RED"You have entered an invalid password.\n"COL_WHITE"Type your password below to register a new account.","Register","Quit");
new INI:File = INI_Open(UserPath(playerid));
INI_SetTag(File,"data");
INI_WriteInt(File,"Password",udb_hash(inputtext));
INI_WriteInt(File,"Cash",0);
INI_WriteInt(File,"Admin",0);
INI_WriteInt(File,"Kills",0);
INI_WriteInt(File,"Deaths",0);
INI_Close(File);
SetSpawnInfo(playerid, 0, 0, 1958.33, 1343.12, 15.36, 269.15, 0, 0, 0, 0, 0, 0);
SpawnPlayer(playerid);
ShowPlayerDialog(playerid, DIALOG_SUCCESS_1, DIALOG_STYLE_MSGBOX,""COL_WHITE"Success!",""COL_GREEN"Great! Your Y_INI system works perfectly. Relog to save your stats!","Ok","");
}
}
case DIALOG_LOGIN:
{
if ( !response ) return Kick ( playerid );
if( response )
{
if(udb_hash(inputtext) == PlayerInfo[playerid][pPass])
{
INI_ParseFile(UserPath(playerid), "LoadUser_%s", .bExtra = true, .extra = playerid);
GivePlayerMoney(playerid, PlayerInfo[playerid][pCash]);
ShowPlayerDialog(playerid, DIALOG_SUCCESS_2, DIALOG_STYLE_MSGBOX,""COL_WHITE"Success!",""COL_GREEN"You have successfully logged in!","Ok","");
}
else
{
ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_INPUT,""COL_WHITE"Login",""COL_RED"You have entered an incorrect password.\n"COL_WHITE"Type your password below to login.","Login","Quit");
}
return 1;
}
}
}
return 1;
}
Re: hash password with md5 - Meller - 15.09.2017
Your encryption should be enough, you're using local files, being restricted to your server only, there's no way they're getting leaked unless you're stupid. But, if you'd be stupid, you still have udb_hash(). So it should be enough. I only encrypt my passwords if they're remote, of course I've started encrypting them all the time, but what you got is enough.
Re: hash password with md5 - warningCode - 15.09.2017
Quote:
|
Originally Posted by Meller
Your encryption should be enough, you're using local files, being restricted to your server only, there's no way they're getting leaked unless you're stupid. But, if you'd be stupid, you still have udb_hash(). So it should be enough. I only encrypt my passwords if they're remote, of course I've started encrypting them all the time, but what you got is enough.
|
This is not possible with udb.