Hi, I am using the SHA512 algorithm to generate my hash and salt. How do I strip my salt value to compare passwords?
Here is an example of my hash and salt:
Hash-y2Xx7GpEJlvQoZRoJdHbswWawc80x76r7boABaV903WZ9UUEMhqkw1DGioMkp0o91vixqp1OtPOGJSdyMLNbqQ==
Salt-meP9gXvqn5s=

1 solution

You are missing something here...
You take your password, add some salt (maybe pepper and olive oil) to it, then create its hash and store that in some database.
When you want to check if the provided password is the same as the one stored in the database, you pass it through the same process - except the store part - and compare the result to the stored value...
This is the right process, and anyway you cannot reverse this kind of hash to get the original value. For security reasons, in password storage you have to use a one-way hash (also called a cryptographic hash), like SHA...
[EDIT]
Some code sample to get the idea...
C#
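// Needs: using System; using System.Security.Cryptography; using System.Text;
private string CreateHash ( string Password )
{
    // Wrap the password in a fixed string before hashing (the same value for every user).
    string szBase = string.Format ( "code{0}project", Password );
    using ( SHA512 oSHA512 = SHA512.Create ( ) )
    {
        byte[ ] bResult = oSHA512.ComputeHash ( Encoding.UTF8.GetBytes ( szBase ) );
        // Raw hash bytes are not valid UTF-8 text; Base64 keeps every byte intact for storage.
        string szHash = Convert.ToBase64String ( bResult );

        return ( szHash );
    }
}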

public void StorePassword(string UserName, string Password)
{
    string szHash = CreateHash ( Password );

    DAL.StorePassword ( UserName, szHash );
}

public void ValidatePassword ( string UserName, string Password )
{
    string szStoredHash = DAL.ReadPassword ( UserName );
    string szHash = CreateHash ( Password );

    if ( szHash.Equals ( szStoredHash ) )
    {
        // Authenticated
    }
    else
    {
        // Invalid UserName or Password
    }
}

[/EDIT]
Comments
polkj 20-Jul-14 8:57am    
But now my hash is with the salt, how do I compare passwords?
Kornfeld Eliyahu Peter 20-Jul-14 9:00am    
Read carefully what I have told you!
1. Store original password:
a. get the password
b. add salt
c. create the hash (from the combined password-salt string!)
d. store in db
2. Compare password
a. get the password
b. add salt
c. create the hash (from the combined password-salt string!)
d. compare the outcome with the string stored in 1.d!!!
CPallini 20-Jul-14 9:02am    
5.
Kornfeld Eliyahu Peter 20-Jul-14 9:03am    
Thank you!
polkj 20-Jul-14 11:52am    
Any sample code?
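
Added example, not part of the original thread or of any poster's code: the store/compare steps listed above, with a random per-user salt kept beside the hash in Base64 (the layout shown in the question). It swaps the single SHA512 pass for PBKDF2-HMAC-SHA512 and compares in constant time; the class name, sizes and iteration count are assumptions, and the static `Pbkdf2` and `GetBytes` calls need .NET 6 or later.

```csharp
using System;
using System.Security.Cryptography;

public static class PasswordStore   // hypothetical name for this example
{
    // Assumed parameters, not values taken from the thread.
    private const int SaltBytes = 16;
    private const int HashBytes = 64;        // SHA-512 output size
    private const int Iterations = 210_000;

    // Step 1 (store): returns the two Base64 strings to save for the user.
    public static (string Salt, string Hash) Create(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltBytes);
        byte[] hash = Derive(password, salt);
        return (Convert.ToBase64String(salt), Convert.ToBase64String(hash));
    }

    // Step 2 (compare): the stored salt is never stripped out of the hash;
    // it is read back and fed into the same derivation as at registration.
    public static bool Verify(string password, string storedSalt, string storedHash)
    {
        byte[] salt = Convert.FromBase64String(storedSalt);
        byte[] expected = Convert.FromBase64String(storedHash);
        byte[] actual = Derive(password, salt);
        // Constant-time comparison, so timing does not reveal how many bytes matched.
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }

    private static byte[] Derive(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations,
                                  HashAlgorithmName.SHA512, HashBytes);

    public static void Main()
    {
        // Constructed sample passwords, for demonstration only.
        var (salt, hash) = Create("correct horse battery");
        Console.WriteLine($"Salt-{salt}");
        Console.WriteLine($"Hash-{hash}");
        Console.WriteLine(Verify("correct horse battery", salt, hash));
        Console.WriteLine(Verify("wrong guess", salt, hash));
    }
}
```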

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)