This is the legacy 4D documentation web site. Documentations are progressively being moved to developer.4d.com
- 4D Language Reference
-
- Tools
-
-
BASE64 DECODE
-
BASE64 ENCODE
-
Choose
-
Generate digest
-
Generate password hash
-
Generate UUID
-
GET ACTIVITY SNAPSHOT
-
GET MACRO PARAMETER
-
Get Monitored Activity
-
LAUNCH EXTERNAL PROCESS
-
Load 4D View document
-
MOBILE APP REFRESH SESSIONS
-
OPEN URL
-
PROCESS 4D TAGS
-
SET ENVIRONMENT VARIABLE
-
SET MACRO PARAMETER
-
START MONITORING ACTIVITY
-
STOP MONITORING ACTIVITY
-
Verify password hash
-
Generate password hash
| Generate password hash ( password {; options} ) -> Function result | ||||||||
| Parameter | Type | Description | ||||||
| password | String |
|
The user's password. Only the first 72 characters are used. | |||||
| options | Object |
|
An object containing options. | |||||
| Function result | String |
|
Returns the hashed password. | |||||
The Generate password hash function returns a secure password hash generated by a cryptographic hash algorithm.
Pass a string value in the password parameter. The Generate password hash returns a hashed string for the password. Multiple passes of the same password will result in different hashed strings.
In the options object, pass the properties to use when generating the password hash. The available values are listed in the table below:
| Property | Value Type | Description | Default Value |
| algorithm | string | algorithm to be used. Currently only "bcrypt" (case sensitive) is supported. | bcrypt |
| cost | numeric | speed to be used. The supported values for bcrypt are between 4 and 31. | 10 |
Note: If either value in the options object is invalid, an error message and an empty string will be returned.
The following errors may be returned. You can review an error with the GET LAST ERROR STACK and ON ERR CALL commands.
| Number | Message |
| 850 | Password-hash: Unsupported algorithm. |
| 852 | Password-hash: Unavailable bcrypt cost parameter, please provide a value between 4 and 31. |
bcrypt is a password hashing function based on the Blowfish cipher. In addition to incorporating a salt to protect against rainbow table attacks, it's an adaptive function in which the iteration count can be increased to make it slower, so it remains resistant to brute-force attacks even with increasing computation power because it takes longer and becomes too time consuming and expensive.
This example generates a password hash using bcrypt with a cost factor 4.
C_TEXT($password)
C_TEXT($hash)
C_OBJECT($options)
$options:=New object("algorithm";"bcrypt";"cost";4)
$password:=Request("Please enter your password")
$hash:=Generate password hash($password;$options)
[Users]hash:=$hash
SAVE RECORD([Users])Reminder: Multiple passes of the same password will result in different hashed strings. This is a standard behavior for algorithms such as bcrypt, since the best practice is to create a new, random salt for every hash. Refer to the Verify password hash description for an example of how to check the passwords.
Product: 4D
Theme: Tools
Number:
1533
Created: 4D v16 R5
4D Language Reference ( 4D v20 R7)
