Bach Dao

Reputation: 125

How can I convert a bcrypt digest password back to the original string?

I am developing a Ruby app. I have a back-end User table that stores the encrypted password using gem-bcrypt. How can I actually convert my password back to the original to display it in my view? This is the code to digest my password:

def self.digest(string)
  cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
  BCrypt::Password.create(string, cost: cost)
end

Upvotes: 1

Views: 3376

Answers (1)

3limin4t0r

Reputation: 21110

From their readme:

Background

Hash algorithms take a chunk of data (e.g., your user's password) and create a "digital fingerprint," or hash, of it. Because this process is not reversible, there's no way to go from the hash back to the password.

In other words:

hash(p) #=> <unique gibberish>

You can store the hash and check it against a hash made of a potentially valid password:

<unique gibberish> =? hash(just_entered_password)

I also don't understand why you want to do this. If you could reverse it back to the password, what would prevent a hacker who steals your dataset from doing the same? The whole point of hashing passwords is that they can't be reversed. You can only check if the provided password is the correct one.

Upvotes: 4
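The store-and-compare check described in the answer above, as an added example that is not part of the original answer or the bcrypt gem's code. It assumes PBKDF2-HMAC-SHA256 from Ruby's standard library as a stand-in for bcrypt so that it runs without gems; the names `digest`, `password_matches?` and `secure_equal?`, the iteration count and the sample passwords are constructed for illustration.

```ruby
require 'openssl'
require 'securerandom'

# Added example. PBKDF2 (stdlib) is swapped in for bcrypt so no gem is needed.
# With the bcrypt gem the same two steps are BCrypt::Password.create(password)
# and BCrypt::Password.new(stored_digest) == candidate.
ITERATIONS = 100_000 # assumed work factor for this demo
KEY_LEN = 32

# Returns "iterations$salt_hex$hash_hex": enough to verify a candidate later,
# but nothing from which the password can be computed back.
def digest(password, salt: SecureRandom.random_bytes(16), iterations: ITERATIONS)
  derived = OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: iterations,
                                     length: KEY_LEN, hash: 'SHA256')
  [iterations, salt.unpack1('H*'), derived.unpack1('H*')].join('$')
end

# Compares two strings without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize

  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Re-derives the hash from the candidate using the stored salt and cost,
# then compares it with the stored record. This is the only "read" operation.
def password_matches?(stored, candidate)
  iterations, salt_hex, hash_hex = stored.to_s.split('$')
  return false unless salt_hex && hash_hex && iterations.to_i.positive?

  recomputed = digest(candidate, salt: [salt_hex].pack('H*'), iterations: iterations.to_i)
  secure_equal?(recomputed, stored)
end

if __FILE__ == $PROGRAM_NAME
  stored = digest('correct horse') # constructed sample password
  puts "stored record: #{stored}"
  puts "right password accepted: #{password_matches?(stored, 'correct horse')}"
  puts "wrong password accepted: #{password_matches?(stored, 'wrong guess')}"
  # A fresh random salt gives a different record for the same password.
  puts "second digest identical: #{digest('correct horse') == stored}"
end
```

Because the view can never show the original password, an account-recovery feature has to issue a reset that lets the user set a new one.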
