hash password with md5
#1

I want to hash password with md5
how can i do?
Reply
#2

If you are using MySQL, there is no need of any plugin, you just need to put md5 along with the the password like md5('%s') and you can also use salt with md5 to improve the security.
Reply
#3

MD5 has been proven insecure. Use the inbuilt SHA256_PassHash() function instead.
Reply
#4

https://sampforum.blast.hk/showthread.php?tid=273088
instead of udb.
how can i do on it? md5 or sha256
Reply
#5

Quote:
Originally Posted by warningCode
Посмотреть сообщение
https://sampforum.blast.hk/showthread.php?tid=273088
instead of udb.
how can i do on it? md5 or sha256
again.
Reply
#6

I'd suggest you to use SHA256 with a secret HASH, example:

PHP код:
SHA256_PassHash(password[], salt[], ret_hash[], ret_hash_len)

SHA256_PassHash("the input"""ur secret hash/salt", password, sizeof password); 
Reply
#7

md5 is not that good

use whirlpool or sha256
Reply
#8

Quote:
Originally Posted by Meller
Посмотреть сообщение
I'd suggest you to use SHA256 with a secret HASH, example:

PHP код:
SHA256_PassHash(password[], salt[], ret_hash[], ret_hash_len)
SHA256_PassHash("the input"""ur secret hash/salt", password, sizeof password); 
how i can edit according to this?
Код:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
    switch( dialogid )
    {
        case DIALOG_REGISTER:
        {
            if (!response) return Kick(playerid);
            if(response)
            {
                if(!strlen(inputtext)) return ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_INPUT, ""COL_WHITE"Registering...",""COL_RED"You have entered an invalid password.\n"COL_WHITE"Type your password below to register a new account.","Register","Quit");
                new INI:File = INI_Open(UserPath(playerid));
                INI_SetTag(File,"data");
                INI_WriteInt(File,"Password",udb_hash(inputtext));
                INI_WriteInt(File,"Cash",0);
                INI_WriteInt(File,"Admin",0);
                INI_WriteInt(File,"Kills",0);
                INI_WriteInt(File,"Deaths",0);
                INI_Close(File);

                SetSpawnInfo(playerid, 0, 0, 1958.33, 1343.12, 15.36, 269.15, 0, 0, 0, 0, 0, 0);
                SpawnPlayer(playerid);
                ShowPlayerDialog(playerid, DIALOG_SUCCESS_1, DIALOG_STYLE_MSGBOX,""COL_WHITE"Success!",""COL_GREEN"Great! Your Y_INI system works perfectly. Relog to save your stats!","Ok","");
			}
        }

        case DIALOG_LOGIN:
        {
            if ( !response ) return Kick ( playerid );
            if( response )
            {
                if(udb_hash(inputtext) == PlayerInfo[playerid][pPass])
                {
                    INI_ParseFile(UserPath(playerid), "LoadUser_%s", .bExtra = true, .extra = playerid);
                    GivePlayerMoney(playerid, PlayerInfo[playerid][pCash]);
					ShowPlayerDialog(playerid, DIALOG_SUCCESS_2, DIALOG_STYLE_MSGBOX,""COL_WHITE"Success!",""COL_GREEN"You have successfully logged in!","Ok","");
                }
                else
                {
                    ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_INPUT,""COL_WHITE"Login",""COL_RED"You have entered an incorrect password.\n"COL_WHITE"Type your password below to login.","Login","Quit");
                }
                return 1;
            }
        }
    }
    return 1;
}
Reply
#9

Your encryption should be enough, you're using local files, being restricted to your server only, there's no way they're getting leaked unless you're stupid. But, if you'd be stupid, you still have udb_hash(). So it should be enough. I only encrypt my passwords if they're remote, of course I've started encrypting them all the time, but what you got is enough.
Reply
#10

Quote:
Originally Posted by Meller
Посмотреть сообщение
Your encryption should be enough, you're using local files, being restricted to your server only, there's no way they're getting leaked unless you're stupid. But, if you'd be stupid, you still have udb_hash(). So it should be enough. I only encrypt my passwords if they're remote, of course I've started encrypting them all the time, but what you got is enough.
I understand but the registers will be closed from in the game, to be done through .ini.
This is not possible with udb.
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)