Nacim Arrahmane
Reputation: 31
Prestashop encrypt plain text password
From the plain text password what are steps to do before to add it inside the database.
Because of the blank schema ask for passwd (=hash) and secure_key, how I can get this information with php and Prestashop API ?
I'm using Prestashop 1.7.1
Thanks !
Upvotes: 1
Views: 791
Answers (1)
zaph
Reputation: 112857
Iterate over an HMAC with a random salt for about a 100ms duration and save the salt with the hash. Use a function such as PBKDF2, Rfc2898DeriveBytes, password_hash, Bcrypt or similar functions. The point is to make the attacker spend a lot of time finding passwords by brute force.
For PHP use php Password Hashing Functions password_hash and password_verify.
Upvotes: 1
Related Questions
- creating a customer login function using the prestashop webservice
- Prestashop Webservice Api Login
- Prestashop 1.7 Customer Password Encryption?
- Which encryption method does Prestashop use for the password field and how does it do it?
- PHP Secure Login - password encryption
- Prestashop - How is encrypted the db password?
- Password Encryption Using opencart database for sitewide login
- Password encryption in joomla
- Prestashop: trying to decode password
- encrypting password using php