Using bcrypt on your MyBB forum.

by Clickbait - 06-08-2015, 12:17 PM
ᶠᵃᵈʸ'ˢ ʷᵃᶦᶠᵘ
Posts:
543
Joined:
Jan 2015
Likes:
68
Credits:
1,151
Reputation:
39
3 Years of Service
#1
OP
Posted: 06-08-2015, 12:17 PM
I highly recommend doing this on a local development copy of your forum.

Please register or login in order to unlock hidden content.

Faded is cute Heart
Bitdefender
19-10-2016, 12:51 PM
Fulltime Member
Posts:
1,134
Joined:
Apr 2015
Likes:
54
Credits:
117
Reputation:
37
3 Years of Service
#2
Posted: 07-08-2015, 02:10 AM
Akay almost fucked up RF doing this lol :noh:
oldfag
Administrators
Posts:
6,259
Joined:
Jan 2015
Likes:
1,767
Credits:
5,084
Reputation:
269
3 Years of Service
#3
Posted: 07-08-2015, 07:09 AM
(07-08-2015, 02:10 AM)Tropical Wrote: Akay almost fucked up RF doing this lol  :noh:

And who cares?
Send me a message for help. (Read the help docs first)
Steam Wishlist - Anime Watchlist
IT Tech @ GoRack.net
Posts:
1,333
Joined:
Aug 2015
Likes:
66
Credits:
516
Reputation:
44
2 Years of Service
#4
Posted: 07-08-2015, 07:32 AM (This post was last modified: 07-08-2015, 07:32 AM by Nolan.)
(07-08-2015, 07:09 AM)Aoki Wrote:
(07-08-2015, 02:10 AM)Tropical Wrote: Akay almost fucked up RF doing this lol  :noh:

And who cares?

OOOH got em :hurr: lol
[Image: logo-1a3c8b7a6ad74407a3925c1ede1ae2f5.png]

Posts:
11,020
Joined:
Apr 2015
Likes:
922
Credits:
18,626
Reputation:
180
3 Years of Service
#5
Posted: 07-08-2015, 07:39 AM
Looks good.
I don't think it's really that much needed, but what do I know.
もうあなたから愛されることも
必要とされることもない
そして私はこうして一人ぼっちで
IT Tech @ GoRack.net
Posts:
1,333
Joined:
Aug 2015
Likes:
66
Credits:
516
Reputation:
44
2 Years of Service
#6
Posted: 07-08-2015, 07:44 AM
(07-08-2015, 07:39 AM)Faded Wrote: but what do I know.

You know a lot of things :yus:
[Image: logo-1a3c8b7a6ad74407a3925c1ede1ae2f5.png]
ᶠᵃᵈʸ'ˢ ʷᵃᶦᶠᵘ
Posts:
543
Joined:
Jan 2015
Likes:
68
Credits:
1,151
Reputation:
39
3 Years of Service
#7
OP
Posted: 07-08-2015, 08:51 AM (This post was last modified: 07-08-2015, 08:52 AM by Clickbait.)
(07-08-2015, 07:39 AM)Faded Wrote: Looks good.
I don't think it's really that much needed, but what do I know.

brb looking up your password hash and then bruteforcing your weakly hashed md5 password.. c:


bcrypt is slow, which makes it a great way to slow bruteforcing down.

I think I might have left something out in the code above. Gonna do this again tonight.

(07-08-2015, 02:10 AM)Tropical Wrote: Akay almost fucked up RF doing this lol :noh:

Quote:I highly recommend doing this on a local development copy of your forum.

...
Faded is cute Heart
IT Tech @ GoRack.net
Posts:
1,333
Joined:
Aug 2015
Likes:
66
Credits:
516
Reputation:
44
2 Years of Service
#8
Posted: 07-08-2015, 09:00 AM
What does this thing do?
[Image: logo-1a3c8b7a6ad74407a3925c1ede1ae2f5.png]

Posts:
11,020
Joined:
Apr 2015
Likes:
922
Credits:
18,626
Reputation:
180
3 Years of Service
#9
Posted: 07-08-2015, 09:07 AM
(07-08-2015, 08:51 AM)Unsuspicious Wrote:
(07-08-2015, 07:39 AM)Faded Wrote: Looks good.
I don't think it's really that much needed, but what do I know.

brb looking up your password hash and then bruteforcing your weakly hashed md5 password.. c:


bcrypt is slow, which makes it a great way to slow bruteforcing down.

I think I might have left something out in the code above. Gonna do this again tonight.

(07-08-2015, 02:10 AM)Tropical Wrote: Akay almost fucked up RF doing this lol  :noh:

Quote:I highly recommend doing this on a local development copy of your forum.

...

Thanks for clearing it up senpai.
pls don't try to bruteforce my pwd
もうあなたから愛されることも
必要とされることもない
そして私はこうして一人ぼっちで
ᶠᵃᵈʸ'ˢ ʷᵃᶦᶠᵘ
Posts:
543
Joined:
Jan 2015
Likes:
68
Credits:
1,151
Reputation:
39
3 Years of Service
#10
OP
Posted: 07-08-2015, 09:13 AM
(07-08-2015, 09:00 AM)Gummy Wrote: What does this thing do?

Makes MyBB use the bcrypt hashing algorithm instead of the MD5 + Salt algorithm that it uses by default.

Here's a post by one of the members of my forum explaining it after I implemented it myself:
[Image: 2f9e27089085b23ce910c59e642ba7df.png]
Faded is cute Heart
The last reply on this thread is older than a month. Please do not unnecessarily bump it.
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Login
Log into an existing account.
1 Guest(s)