Do I need to store the salt with bcrypt?

About

Asked 10/11, 2008 at 4:14 Answered 10/11, 2008 at 4:33

Solved java encryption passwords salt bcrypt

209

bCrypt's javadoc has this code for how to encrypt a password:

String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt());

To check whether a plaintext password matches one that has been hashed previously, use the checkpw method:

if (BCrypt.checkpw(candidate_password, stored_hash))
    System.out.println("It matches");
else
    System.out.println("It does not match");

These code snippets imply to me that the randomly generated salt is thrown away. Is this the case, or is this just a misleading code snippet?

Roughandready answered 10/11, 2008 at 4:14 Comment(0)

237

The salt is incorporated into the hash (encoded in a base64-style format).

For example, in traditional Unix passwords the salt was stored as the first two characters of the password. The remaining characters represented the hash value. The checker function knows this, and pulls the hash apart to get the salt back out.

Demineralize answered 10/11, 2008 at 4:33 Comment(6)

The salt IS incorporated in the password. So you don't have to save the salt. – Antennule 10/11, 2008 at 8:57

Thanks for that. I wish they said that in the javadoc :) (I've looked at the source and confirmed - but I didn't know what I was looking for before) – Roughandready 10/11, 2008 at 22:17

Thanks - I was trying to figure this out too! Now I'm wondering if this is a good idea. Is there an advantage/disadvantage to keeping the salt in the hash over storing it separately? – Subcontraoctave 12/1, 2011 at 21:58

@Subcontraoctave - As the salt is randomly generated, it means you don't need to have a method of associating the two things in your database. – Roughandready 26/1, 2011 at 20:39

I took a look at the source code and discovered that although the JavaDoc for the salt argument is "perhaps generated using BCrypt.gensalt", I found that you have to use the genSalt() method or you get exceptions =/ – Brachylogy 31/1, 2013 at 18:17

Or have the salt in a very particular format. They may as well have excluded the salt as a parameter for the method and just called it internally. Testing the code with my own salt confirmed this (P.S. sorry for the double comment). This leads me to wonder just how secure this code really is (it may be fine... I'm just wondering) – Brachylogy 31/1, 2013 at 18:34

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags