datasette-auth-passwords icon indicating copy to clipboard operation
datasette-auth-passwords copied to clipboard

Published 20 hours ago verified publisher icon simonw

Why does hash CLI tool generates different output for the same input?

Open jeremiak opened this issue 2 years ago • 0 comments

I'm having trouble setting up HTTP basic auth for an instance and I noticed that the hash-password command doesn't seem to generate the same hash when the same input is supplied. Should it?

For example, running the command on my machine (Macbook Pro, Intel i7, MacOS 13.5.2, Python 3.9.4) with the input "october" returns a different result for each invocation as, as you can see below. I would think that password hashing should be consistent so the app can reliably hash the supplied password and check the results.

echo 'october' | datasette hash-password --no-confirm
pbkdf2_sha256$480000$c5ad381bd75b1a3d222c0b5b6e05dee1$o2Y7BF/U9NeD7fZrE0lmCnfDWd29W/x7uFyqF1d/0mk=

echo 'october' | datasette hash-password --no-confirm
pbkdf2_sha256$480000$ef0c60e7c872e135a11b1d464f0a4812$7BNmej6olJhMjOIsvqAMKFleF92Qjzs9gaGqeWI3Ve0=

jeremiak avatar Oct 02 '23 20:10 jeremiak