April 30, 2007
Storing Secure Passwords
With the help of BCrypt, storing secure passwords just got really easy. BCrypt was written by codahale and released in late February. I whipped up the code below in a few seconds to show how easy it is to encrypt passwords and then test if the unencrypted version matches the encrypted one.
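
require 'rubygems'
require 'bcrypt'

# Hash the password; BCrypt generates a random salt and embeds it in the result.
password = BCrypt::Password.create("secret")
puts password
# => $2a$10$j56z5U17oXRU7r/QFKd4oOLTYg3L/zd5EGr9yvAaMYMAzSqzv8aya (differs on each run)

# BCrypt::Password#== hashes the candidate with the stored salt and compares.
puts password == "secret"
# => true
puts password == "NotTheSecret"
# => false
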
I would highly recommend trying it out on your next user model. Be sure to look at the docs, as well, because coda included several examples of how to integrate bcrypt with an ActiveRecord model.
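
The string printed above carries the algorithm version, the cost and the salt along with the checksum, so one column holds everything needed to verify a password. As an added example (not from the original post or the bcrypt docs), the code below parses that layout in plain Ruby and flags stored values that are malformed or below a minimum cost; the helper names and the minimum cost of 12 are assumptions.

```ruby
# Added example: parse the bcrypt string layout and audit stored hashes.
# Layout: $<version>$<cost>$<22-char salt><31-char checksum>
BCRYPT_RE = %r{\A\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})\z}

ParsedHash = Struct.new(:version, :cost, :salt, :checksum)

# Returns a ParsedHash, or nil if the string is not a well-formed bcrypt hash.
def parse_bcrypt(str)
  m = BCRYPT_RE.match(str.to_s)
  return nil unless m
  cost = m[2].to_i
  return nil unless (4..31).cover?(cost) # bcrypt only defines costs 4..31
  ParsedHash.new(m[1], cost, m[3], m[4])
end

# Classifies one stored value against a minimum cost (policy value, assumed).
def audit_hash(stored, min_cost)
  parsed = parse_bcrypt(stored)
  return :not_bcrypt if parsed.nil?
  parsed.cost < min_cost ? :rehash_needed : :ok
end

# Tallies a whole column of stored values.
def audit_all(stored_values, min_cost)
  stored_values.each_with_object(Hash.new(0)) do |value, tally|
    tally[audit_hash(value, min_cost)] += 1
  end
end

PAGE_HASH = '$2a$10$j56z5U17oXRU7r/QFKd4oOLTYg3L/zd5EGr9yvAaMYMAzSqzv8aya' # from the post
SAMPLE_COLUMN = [
  PAGE_HASH,
  '$2a$04$' + 'A' * 53, # constructed: well-formed but minimum cost
  'a' * 32,             # constructed: legacy unsalted hex digest shape
  PAGE_HASH[0..-2]      # constructed: truncated by a too-short column
].freeze

if __FILE__ == $PROGRAM_NAME
  p parse_bcrypt(PAGE_HASH).to_a
  p audit_all(SAMPLE_COLUMN, 12)
end
```

A value reported as `:rehash_needed` can only be upgraded at the user's next successful login, since the plaintext is required to compute a new hash.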