使用bcrypt填充哈希密码！忘记密码的时候？ [英] Hash password using bcrypt ! when forget password ?

问题描述

是Bcrypt单向哈希？

i尝试使用Bcrypt加密将管理员密码存储到数据库。

管理员忘记密码怎么样？

如何通过密码加密了解管理员普通密码？



我尝试过：

is Bcrypt one way-hash ?
i try to store admin password to database using Bcrypt encryption.
how about admin forget password ?
how to know admin plain password from password encryption?

What I have tried:

tb2.Text = BCrypt.Net.BCrypt.HashPassword(tb1.Text)

推荐答案

引用：

是Bcrypt单向哈希？

is Bcrypt one way-hash ?

是的。所有哈希都是单向的：它们丢弃信息以产生输入的唯一值。

Yes. All hashes are effectively one-way: they throw away information to produce a "unique" value for the input.

引用：

管理员忘记密码怎么样？

how about admin forget password ?

当您忘记密码时，将其重置为新值（并将其存储在数据库中）并发送新密码对用户而言，鼓励他们将其改为他们能记住的。 （为了让他们这样做，我使用GUID作为新密码 - 没有人想要尝试记住它们，所以他们确实很快重置了价值）

When you forget a password, you reset it to a new value (and store the hash of that in the DB) and send the new password to the user, encouraging them to change it to one they can remember. (In order to make them do this, I use GUIDs as the new password - nobody wants to try and remember them, so they do reset the value pretty quickly)

引用：

如何从密码加密中了解admin plain password？

how to know admin plain password from password encryption?

你不能：所有密码都存储为哈希值，以便没有人（除了用户）知道他们使用了什么密码。

You can't: all passwords are stored as hashes, so that nobody at all (except the user) has any idea what password they used.

这篇关于使用bcrypt填充哈希密码！忘记密码的时候？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！