Originally posted by EyeX32
How do you guys assume this is blowfish, I work a lot with encryption and I don't know how you guys recall that it is blowfish.
You simply cannot assume an encryption algorithm simply by looking at the characters.
My initial response was incorrect to an extent because I said this was blowfish which is technically correct, but the entire hash is bcrypt.
A standard bcrypt hash using blowfish will look like this:
$2y$10$BEYi/8LXsbpwq0Pc/an6reE/bCDMOtd.
2K/Bf2SxYb8.KY1nfJ.iC
$2y$ = algo (which is blowfish in this case because blowfish uses "$2a$", "$2x$" or "$2y$")
10$ = algorithmic cost
BEYi/8LXsbpwq0Pc/an6reE/bCDMOtd = salt
2K/Bf2SxYb8.KY1nfJ.iC = hashed password
the salt and pass are delimited by the period. you can read more about these here:
You must login or register to view this content.
Edit: however, if you're planning on using this to hash passwords, don't just use crypt() because as it says in the documentation, the function will generate a weak salt if you don't pass one and it's almost always bad practice to generate your own salts. you should use this instead of hashing functions:
You must login or register to view this content.