Advertisement
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Simple Auth password

Comments in 'Plugin Development' started by Ianblum1, Feb 11, 2015.

  1. Ianblum1
    Offline

    Ianblum1 New Member

    Joined:
    Feb 11, 2015
    Posts:
    1
    Minecraft User:
    ianblum1
    Dear Pocketmine Team and everyone else,

    I am using the SimpleAuth plugin and people have created passwords and it doesn't show the password it shows the hash instead. I heard the way the hash works is for SimpleAuth it uses SHA-512 and whirlpool at the same time I was wondering can you convert this hash to text?
    Here is the hash:
    2f416b0627d23d72945f081d1e3f256cfd06e38a22e7ddb2762f9c2e880fdfa530f27b52f85f85d459a0c30a77b452f0f03ec37f2a7a38fac708027ce587d655
    Thanks a lot,
    Ian
    Please reply ASAP
    Falk likes this.
  2. inventorman101
    Offline

    inventorman101 New Member

    Joined:
    Aug 26, 2013
    Posts:
    17
    Minecraft User:
    inventorman101
    The point of using a hash is so you can't get the plain text password. It reinforces security.
    PEMapModder, iksaku and Falk like this.
  3. Falk
    Offline

    Falk Staff Member Global Moderator

    Joined:
    Sep 2, 2013
    Posts:
    1,710
    Plugins:
    22
    Minecraft User:
    Falkirknh
    Hashes are inherently one-way. You can use things like rainbow tables to crack hashes, but I know very little about it because reversing hashing algorithms never interested me.
    iksaku likes this.
  4. PEMapModder
    Offline

    PEMapModder Notable Member Plugin Developer

    Joined:
    Oct 9, 2013
    Posts:
    7,325
    Plugins:
    11
    Minecraft User:
    PEMapModder
    Brute force. If you ever bother to make a way to do so.

    The reason why SimpleAuth was make official and to monopolize auth plugins is to avoid passwords being saves in plaintext and released, thus threatening the trust between players and owners to have their passwords safe. Although server owners can still change the hash algo or even check the player's input text, we try our best to protect player passwords, which is one of the core values in our community.

Share This Page

Advertisement