如何将 bcrypt 摘要密码转换回原始字符串?
How can I convert back to original string a bcrypt digest password?
我正在开发一个 ruby 应用程序,我有一个使用 gem-bcrypt 存储加密密码的后端用户 table。我怎样才能真正将我的密码转换回原始密码以在我的视图中显示它?
这是消化我的密码的代码
def self.digest(string)
cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
BCrypt::Password.create(string, cost: cost)
end
来自他们的readme:
Background
Hash algorithms take a chunk of data (e.g., your user's password) and create a "digital fingerprint," or hash, of it. Because this process is not reversible, there's no way to go from the hash back to the password.
In other words:
hash(p) #=> <unique gibberish>
You can store the hash and check it against a hash made of a potentially valid password:
<unique gibberish> =? hash(just_entered_password)
我也不明白你为什么要这样做。如果您可以将其还原为密码,如何防止窃取您的数据集的黑客做同样的事情?散列密码的全部意义在于无法逆转。您只能检查提供的密码是否正确
我正在开发一个 ruby 应用程序,我有一个使用 gem-bcrypt 存储加密密码的后端用户 table。我怎样才能真正将我的密码转换回原始密码以在我的视图中显示它? 这是消化我的密码的代码
def self.digest(string)
cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
BCrypt::Password.create(string, cost: cost)
end
来自他们的readme:
Background
Hash algorithms take a chunk of data (e.g., your user's password) and create a "digital fingerprint," or hash, of it. Because this process is not reversible, there's no way to go from the hash back to the password.
In other words:
hash(p) #=> <unique gibberish>You can store the hash and check it against a hash made of a potentially valid password:
<unique gibberish> =? hash(just_entered_password)
我也不明白你为什么要这样做。如果您可以将其还原为密码,如何防止窃取您的数据集的黑客做同样的事情?散列密码的全部意义在于无法逆转。您只能检查提供的密码是否正确