Making md5-hash 'mysql compatible'

From: Daan (d_stolp_at_nospam.hotmail.com)
Date: 03/03/04


Date: Wed, 3 Mar 2004 10:12:05 +0100

To store a password in a database, I have used MySQL's MD5-function to
create a hash of the password. Now I have a user who enters a password
(via an html form) that needs to be checked. I have tried to create an
md5-hash using the MessageDigest class, but since this works on bytes
(not on strings), I have not been able to create a hash (as a string)
that I can compare to the hash string that is stored in the database.

How can I create a hash of the password that the user enters, such that
is is equal to the hash in the MySQL database? (provided that the user
enters the right password)

Thanks in advance,

-- 
Daan Stolp


Relevant Pages

  • Re: Newbie - Is this Reasonable?
    ... because this hash is stored in the database. ... So you use PKCS5v2 to generate a key hash from a salt and the user's passphrase, then store the salt and the hash in a database. ... are even more critical in database applications because the payoff from tampering with selected fields may be much higher, fields tend to be fixed-length so it's easier to tamper with them in a meaningful way, and databases lend themselves to off-line analysis, so the attacker can marshall more resources and take more time to attack your system. ... You're using a stream cipher for encryption. ...
    (sci.crypt)
  • Re: looking for help with a counting algorithm
    ... >> subcategory is counted, the code goes back up the tree to the root, adding ... >> involve retrieving all the category memberships from the database, ... sub ReadCategories{ ... ReadCategories is called with two empty hash pointers by any of the ...
    (comp.lang.perl.misc)
  • Re: Best practice for password hashing
    ... a)Making the hash expensive to calculate. ... database is compromised because it exists outside the database) so that an ... attacker is missing a piece of the information required to calculate the ... which renders compromise of the database irrelevant. ...
    (sci.crypt)
  • Re: Convert text string i.e Peter into integer ID
    ... 2.It may not serve my original purpose, which is speeding up database ... some kind of hash. ... I have made one small test already using an additional integer column ... instead of the original headline string. ...
    (comp.lang.ruby)
  • Re: Initialising a hash
    ... format, similar to existing database of this kind, eg, ... occasions, can be used by any kind of code" or ... The hash table can be put into 'other ... Hash lookups in Perl aren't exactly rocket science, ...
    (comp.lang.perl.misc)