-
Notifications
You must be signed in to change notification settings - Fork 24
ComparePasswordHash
Miriam McMahon edited this page Apr 27, 2023
·
8 revisions
Compare a password hash obtained from a remote system with a hash generated from a password locally. The CryptSharp library is used to encrypt the local password.
The following password crypt algorithms are supported: BCrypt, LDAP, MD5 (and Apache's htpasswd variant), PHPass (WordPress, phpBB, Drupal), SHA256, SHA512, Traditional and Extended DES, Blowfish, SCrypt, and PBKDF2 for any HMAC.
Support for the yescrypt algorithm is available from Safeguard v7.1
| Parameter Name | Description | Type | Resolved Type | Required |
|---|---|---|---|---|
| Password | The plaintext password to hash and compare | Value | String | Yes |
| SaltedHash | The hash obtained from the remote system with which to compare the password | Value | String | Yes |
| ResultVariable | The name of a variable to create or update with a boolean result of the comparison | String | String | Yes |
Example:
{
"ComparePasswordHash": {
"Password": "%{ AccountPassword }%",
"SaltedHash": "%{ RemoteHash }%",
"ResultVariable": "PasswordMatches"
}
},
{
"Condition": {
"If": "PasswordMatches",
"Then": {
"Do":[
{ "Log" : { "Text" : "The password matched" }}
]
}
}
}