Hello,
When a new user is registered on osclass, and a password hash is generated using bcypt() , what level of encryption does osclass do by default?
Where is the location of the file where the encryption is done, and how can i increase or decrease it?
Thanks!
Osclass use native PHP hashing function password_hash() for hashing, pleas read it’s documentation for more details.
Check Osclass hashing function here: https://github.com/mindstellar/Osclass/blob/b22d2288991aa14e92a5774a3187cccfe6a50bdc/oc-includes/osclass/helpers/hSecurity.php#L263
Thank you for replying @navjottomer
Hmm, strange naming conventions, the PHP documentation about password_hash() here says -
PASSWORD_DEFAULT- Use the bcrypt algorithm
and
PASSWORD_BCRYPT- Use theCRYPT_BLOWFISHalgorithm
In the code link you provided, it seems we’re using crypto_blowfish.
I’m a bit unclear on the differences between crypto_blowfish and bcrypt. But if modify the code to use just standard bcrypt() i think will give a different hash?
Yup, it will generate a different hash than.