Replies: 1 comment
-
Indeed, sqlpage.hash_password does not work the way you imagine. It generates salted hashes, which are more secure, but contain a part of randomness: if you call hash_password twice with the same password, you will get two different results. You should use the authentication component to check the user's password. Not only is it more secure, it's also easier to use. And if I make ask: what are you trying to achieve here ? If the only thing behind the authentication is a redirection, then your user can simply load |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am making custom log in form, and have created a "user" with a password hashed by sqlpage.hash_password()
I am now trying to check if the inputted info from an earlier form is correct:
But this does not work. Does password_hash not work as i imagined, where i can confirm the 2 hashed passwords or is there anything else wrong?
Beta Was this translation helpful? Give feedback.
All reactions