phpass returns different results

743 views Asked by At

I just put my project from localhost to my host and using the same (phpass) function I receive different results and the length of the returned string is also different. (and everything works on localhost btw)

So the same function returns false when online. I was wondering what the problem might be.

Here's the result:

Input: 12345

  • localhost:$2a$08$t5joFUIbEThylj/IyUVy7.WzMZm8fmKjsy0kZc/YxgqzkbYQWnlre
  • host: $P$9QiKVfJzpRzoToBCJg8FeaDIfcAJJ61

EDIT: I switched on the TRUE flag to make password portable but still it doesn't seem to work.

EDIT 2: Doesn't work with php 4 or 5 and I DID switch on the portable mode!!

3

There are 3 answers

0
BehnUm On

I finally found out the problem was not phpass itself, but the scripts were causing an error (mysql real name escape was the problem and ajax was actually hiding it from me) anyways, everything is ok now, thanks.

3
Tobias On

WARNING: By default the library generates strong system-specific password hashes that are not portable. It means that once created, user database cannot be dumped and exported to another server. This behavior can be changed in config-file as well.

-> Portable (PHPass) password hashes. Should I use them?

2
Alex Howansky On

If I'm not mistaken, phpass uses the best method available to it. In this case, it would seem that the modules available on the live host are not the same as those on localhost, and thus phpass has to choose a different method. The "$2a$" indicates bcrypt, and the "$P$" indicates phpass' internal hash. I.e., it appears that the live host doesn't have bcrypt available.