How do BCryptPasswordEncoder check the passed plain password while using salt?

Asked Aug 07 '17 at 06:23

Active Aug 07 '17 at 06:23

Viewed 93 times

I've check the source of BCryptPasswordEncoder and found it won't return generated random salt. Then, while we check the plain password later, we don't know which salt did this user use at that time, so how can BCryptPasswordEncoder check whether plain password and encrypted password are the same?

asked Aug 07 '17 at 06:23

Yun

1

Possible duplicate of [yii CPasswordHelper: hashPassword and verifyPassword](https://stackoverflow.com/questions/20394137/yii-cpasswordhelper-hashpassword-and-verifypassword) – martinstoeckli Aug 30 '17 at 08:40
thank you , that's the answer – Yun Oct 13 '17 at 09:13

How do BCryptPasswordEncoder check the passed plain password while using salt?

0 Answers0