02-15-2021
05:36 AM
There is another way where the user updates the password hash only (with a little help from a Python script):

- save the password hash from uaadb's user table, which looks similar to this: $2a$10$someSaltSomeSaltedHash
- download gen_password.py and check_password.py (see below this list) to a computer where you have python3 installed
- install the bcrypt Python package with pip3 install bcrypt; the script uses this to generate the password hash with the Bcrypt algorithm
- run python3 gen_password.py; the script uses useful defaults, so the customer needs to give the password only
- save the generated hash into uaadb's user table
- try to log in with the new password

gen_password.py

```python
import bcrypt

# Cost factor: bcrypt performs 2**rounds iterations.
rounds = int(input("Number of rounds [4..31], higher number gives more security but the generation and login process will be slower (default 10): ") or 10)
# Version prefix of the hash string; gensalt() raises ValueError for a prefix it does not support.
prefix = str(input("Prefix (possible values 2a, 2b, 2y, default 2a): ") or "2a").encode("utf-8")
password = input("Password: ")
print("Generating hash for password: " + password)
# gensalt() creates a new random salt on every call.
password_hash = bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt(rounds=rounds, prefix=prefix))
print(password_hash.decode("utf-8"))
```

check_password.py

```python
import bcrypt

password = input("Password: ")
hashed_password = input("Hashed password: ")
# checkpw() re-hashes the password with the salt and cost stored in the hash string.
if bcrypt.checkpw(password.encode("utf-8"), hashed_password.encode("utf-8")):
    print("Matches")
else:
    print("Doesn't match")
```

Example to generate:

```
$ python3 gen_password.py
Number of rounds [4..31], higher number gives more security but the generation and login process will be slower (default 10):
Prefix (possible values 2a, 2b, 2y, default 2a):
Password: SomeReallyHardPassword
Generating hash for password: SomeReallyHardPassword
$2a$10$6ch6sgrqxWnQYsxPdgBXLe6HPb02P5CeYHlwRtiCciJ1gDrSvZ1Km
```

Example to validate:

```
$ python3 check_password.py
Password: SomeReallyHardPassword
Hashed password: $2a$10$6ch6sgrqxWnQYsxPdgBXLe6HPb02P5CeYHlwRtiCciJ1gDrSvZ1Km
Matches
```

Note: The algorithm is not deterministic, so for the same password it will generate different hashes if you execute the script multiple times.
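A pre-flight check for the step that saves the generated hash into uaadb's user table, as an added example that is not part of the original post: it parses the bcrypt string layout and rejects a truncated, padded or low-cost value before it is written. The function names and the `min_cost` policy are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# bcrypt uses its own base64 alphabet ("./A-Za-z0-9"), not the standard one.
_B64 = r"[./A-Za-z0-9]"
_BCRYPT_RE = re.compile(
    rf"\$(2[aby])\$(\d{{2}})\$({_B64}{{22}})({_B64}{{31}})"
)


@dataclass(frozen=True)
class BcryptHash:
    prefix: str   # "2a", "2b" or "2y"
    cost: int     # log2 of the iteration count ("rounds" in gen_password.py)
    salt: str     # 22 characters, random per hash
    digest: str   # 31 characters


def parse_bcrypt_hash(value: str) -> BcryptHash:
    """Parse "$<prefix>$<cost>$<salt><digest>"; raise ValueError if malformed."""
    if value != value.strip():
        raise ValueError("leading or trailing whitespace (copy/paste artefact)")
    if len(value) != 60:
        raise ValueError(f"expected 60 characters, got {len(value)}")
    m = _BCRYPT_RE.fullmatch(value)
    if m is None:
        raise ValueError("not a $2a$/$2b$/$2y$ bcrypt string")
    cost = int(m.group(2))
    if not 4 <= cost <= 31:
        raise ValueError(f"cost {cost} outside 4..31")
    return BcryptHash(m.group(1), cost, m.group(3), m.group(4))


def check_before_store(value: str, min_cost: int = 10) -> BcryptHash:
    """Refuse a hash that is malformed or below min_cost (hypothetical policy)."""
    parsed = parse_bcrypt_hash(value)
    if parsed.cost < min_cost:
        raise ValueError(f"cost {parsed.cost} is below the minimum {min_cost}")
    return parsed


if __name__ == "__main__":
    # Hash taken from the example run in the post above.
    sample = "$2a$10$6ch6sgrqxWnQYsxPdgBXLe6HPb02P5CeYHlwRtiCciJ1gDrSvZ1Km"
    print(check_before_store(sample))
```

The 22-character salt field is the part that changes between runs of gen_password.py, which is why two hashes of the same password differ.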