I'm working a custom membership system in ASP.NET MVC3 (explained here). And I want to use BCrypt. My question is about BCrypt.net arguments range. i.e. the minimum and maximum length of string that BCrypt can hash it, that min/max length of salt, and also the output string's length. Really I'm creating database now, and I want to know how to set password column in db. i.e. nvarchar(256) or anything else?
Asked
Active
Viewed 2,302 times
4
Donald Duck
- 8,409
- 22
- 75
- 99
amiry jd
- 27,021
- 30
- 116
- 215
1 Answers
6
The BCrypt algorithm incorporates the salt into the hash so you don't need to have 2 separate columns in your database to store the hash and the password. You may checkout this sample implementation. It produces hashes of length 60 no matter how long the plain text password is.
Darin Dimitrov
- 1,023,142
- 271
- 3,287
- 2,928
-
Thanks dear @Darin :) you're a *Rescue Angelv* :D – amiry jd Feb 18 '12 at 21:59