0

In here i want to add a record to a Mysql users table manually. There is a field called encrypted_password but i dont know the encryption algorithm that has been used. When Im trying to add a record manually but it didnt work when im authenticating.

Sample of existing user record password hash :

encrypted_password: $2a$12$ibqhezRBPsy022fhMqGXBOtT749jR4QMwBULS4o1x9NMycPbftPwa

The query i tried to insert for the new record.

INSERT INTO users(status,classification,encrypted_password,created_at,updated_at) values(1,1,MD5('test1234$'), NOW(), NOW());

The hash format of the record I inserted :

encrypted_password: b46cfe70ccedca93ed4f06f5e5901fea

How can i have a workaround this and add an encrypted password in correct hash format?

Ragnar921
  • 829
  • 3
  • 17
  • 30
  • It's bcrypt encryption. Encryption method and salt is already in password: `$2a$` with cost of `12`. https://en.wikipedia.org/wiki/Bcrypt – Justinas Oct 19 '21 at 06:47
  • 1
    Encrypt password in back-end, not in database. Does this answer your question? [How to use \`bcrypt\` algorithm within \`encrypt\` function in MySQL for verifying password?](https://stackoverflow.com/questions/20295778/how-to-use-bcrypt-algorithm-within-encrypt-function-in-mysql-for-verifying-p) – Justinas Oct 19 '21 at 06:47
  • This is not [tag:password-encryption], and nor should be it. It is password *hashing*. See the tag description for more information. – user207421 Oct 19 '21 at 09:10

1 Answers1

1

Simply, we can follow the below steps.

  1. Identify the password hashing algorithm using an online hash analyzer.
  2. Based on that hashing algorithm generate a new hash using an online hash generator.
  3. Update the table record entry with that hash.
  4. Now login should be successful with the plain text that has been used for the hash generation.
Udara Seneviratne
  • 2,303
  • 1
  • 33
  • 49