Hi Anthony,
I'm using this python module which claims to mimic the encyption used
in phpBB:
https://github.com/exavolt/python-phpass
It seems to be working fine so far.
Here are some examples:
In [11]: import phpass
In [12]: from phpass import PasswordHash
In [13]: p = PasswordHash()
In [14]: password = 'mypassword'
In [15]: hash1 = p.hash_password(password)
In [16]: hash2 = p.hash_password(password)
In [17]: hash3 = p.hash_password(password)
In [18]: hash1 == hash2
Out[18]: False
In [19]: hash1 == hash3
Out[19]: False
In [20]: hash2 == hash3
Out[20]: False
In [22]: p.check_password(password, hash1)
Out[22]: True
In [23]: p.check_password(password, hash2)
Out[23]: True
In [24]: p.check_password(password, hash3)
Out[24]: True
In [25]: wrongHash = p.hash_password('notmypassword')
In [26]: p.check_password(password, wrongHash)
Out[26]: False
With regard to the issue of the hash being different every time, I
reckon it is because this algorithm uses a salt (http://
en.wikipedia.org/wiki/Salt_%28cryptography%29). Apparently it is more
secure...
Regards,
John
On Dec 16, 4:07 pm, Anthony <[email protected]> wrote:
> > Unfortunately this solution will not work for me as I get a different
> > hash every time I call the hash password function for the same
> > plaintext password.
>
> What hash function are you using. If you use the same key, it should always
> return the same output for a given input.
