Posts: 854
Threads: 154
Joined: Jun 2012
Reputation:
0
I am making a ACP for my website. The only thing I'm having an issue with, is getting the player account passwords to convert to what they should be, in the profiles they are encoded (via the num_hash in the dutils include).
So in php how can I get num_hash encoded passwords back to what they would be (So that they player can log on)?
Thanks for any support: Jake Johnson
Posts: 10,066
Threads: 38
Joined: Sep 2007
Reputation:
0
Hashes are not meant to be decoded/decrypted/hacked. That's the point of hashes. They're one way only. If you need to compare passwords, then hash the input password and compare it with what's stored in the database.
That said, num_hash (a.k.a. Adler32) can't be considered a decent form of security. It is in fact a checksum algorithm rather than a hashing algorithm. If you're just a little bit serious about security then you should rid yourself of dini and dutils. I don't know whether you're using files or MySQL, but both systems have far better hashing algorithms available. For a file based system you can use Whirlpool, for a MySQL based system you can use (a combination of) md5, sha1 or sha2.
Posts: 854
Threads: 154
Joined: Jun 2012
Reputation:
0
Thanks for the tip!
+1 Rep
