Click here to Skip to main content
13,734,713 members
Rate this:
Please Sign up or sign in to vote.
See more:
declare @original nvarchar(128)  = '1'
declare @afterhash varbinary(128) = HASHBYTES('SHA2_512', '1')

select PWDCOMPARE(@original, @afterhash)
select @afterhash

What I have tried:

I have tried to change 1 to 0 and change 1 to @original.
Posted 9-Nov-17 5:37am
Updated 9-Nov-17 6:32am

1 solution

Rate this: bad
Please Sign up or sign in to vote.

Solution 1

It's returning 0 because PWDCOMPARE is hashing the clear text password you're passing in with an algorithm that is not SHA2_512.

You can see this yourself by doing this:
DECLARE @Original nvarchar(128) = '1';

DECLARE @Hashed varbinary(128) = HASHBYTES('SHA2_512', '1');

SELECT @Hashed AS 'SHA2_512 Hash';

SELECT PWDCOMPARE(@Original, @Hashed);

You should only use PWDCOMPARE with a column that was encrypted with PWDENCRYPT.

You should NOT being PWDENCRYPT anymore. Use HASHBYTES instead and compare against the column value yourself.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy | Cookies | Terms of Service
Web05-2016 | 2.8.180920.1 | Last Updated 9 Nov 2017
Copyright © CodeProject, 1999-2018
All Rights Reserved.
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100