dwaldner
asked on
Howto: MD5 hash with Salt
Hi folks:
I'm using plain old ASP, and I need to find a way to hash a password using salt. Does anybody know how to accomplish this. I need both the saltless MD5 hash, and the salted MD5 hash.
Regards,
Dan
I'm using plain old ASP, and I need to find a way to hash a password using salt. Does anybody know how to accomplish this. I need both the saltless MD5 hash, and the salted MD5 hash.
Regards,
Dan
ASKER
Jeff,
The code is strictly in JS...I require it in VBScript. I'm thinking maybe just scrap it and do it in PHP where its already implemented for me.
The code is strictly in JS...I require it in VBScript. I'm thinking maybe just scrap it and do it in PHP where its already implemented for me.
Why do you require it in vbscript? You can run JS inside an asp page. I am doing it today.
Jeff
Jeff
ASKER
Here's what I need:
I have a table of usernames/passwords that need hashing.
I need to query the database, hash the passwords, and update the fields to reflect the hashes.
I don't think JS will cut it.
I have a table of usernames/passwords that need hashing.
I need to query the database, hash the passwords, and update the fields to reflect the hashes.
I don't think JS will cut it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
FUNCTION MakeSalt()
dim sSalt,max,min,seed,i
sSalt = ""
max=89
min=65
seed = clng(minute(now()) & second(now))
sSalt = seed
Randomize
for i = 0 to 5
sSalt = sSalt & chr(cInt((max-min+1)*Rnd(s eed)+min))
next
MakeSalt = sSalt
END FUNCTION
dim sSalt,max,min,seed,i
sSalt = ""
max=89
min=65
seed = clng(minute(now()) & second(now))
sSalt = seed
Randomize
for i = 0 to 5
sSalt = sSalt & chr(cInt((max-min+1)*Rnd(s
next
MakeSalt = sSalt
END FUNCTION
So, you just append the Salt to the end of the user-entered password, then pass that to md5, and it will return the hash, which you store in the database. Then, to verify a user's login, you create another hash with the password they used to log in, and compare that to the value in the database. If they're equal, the user is authenticated.
Jeff
Jeff
ASKER
Great, thanks!
Sure thing.
Jeff
Jeff
http://pajhome.org.uk/crypt/md5/
It's got full source code and some good instructions. I've used this code, and it works great.
Jeff