asked on

Howto: MD5 hash with Salt

Hi folks:

I'm using plain old ASP, and I need to find a way to hash a password using salt. Does anybody know how to accomplish this. I need both the saltless MD5 hash, and the salted MD5 hash.

Regards,

Dan

jmanGJHS97

Check out this link:

http://pajhome.org.uk/crypt/md5/

It's got full source code and some good instructions. I've used this code, and it works great.

Jeff

dwaldner

ASKER

Jeff,

The code is strictly in JS...I require it in VBScript. I'm thinking maybe just scrap it and do it in PHP where its already implemented for me.

jmanGJHS97

Why do you require it in vbscript? You can run JS inside an asp page. I am doing it today.

Jeff

dwaldner

ASKER

Here's what I need:

I have a table of usernames/passwords that need hashing.

I need to query the database, hash the passwords, and update the fields to reflect the hashes.

I don't think JS will cut it.

ASKER CERTIFIED SOLUTION

jmanGJHS97

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

jmanGJHS97

FUNCTION MakeSalt()
dim sSalt,max,min,seed,i
sSalt = ""
max=89
min=65
seed = clng(minute(now()) & second(now))
sSalt = seed

Randomize
for i = 0 to 5
sSalt = sSalt & chr(cInt((max-min+1)*Rnd(seed)+min))
next

MakeSalt = sSalt
END FUNCTION

jmanGJHS97

So, you just append the Salt to the end of the user-entered password, then pass that to md5, and it will return the hash, which you store in the database. Then, to verify a user's login, you create another hash with the password they used to log in, and compare that to the value in the database. If they're equal, the user is authenticated.

Jeff

dwaldner

ASKER

Great, thanks!

jmanGJHS97

Sure thing.

Jeff