Level 75
I suggest lookup how bcrypt works, it depents on the salt.
https://laravel.com/docs/11.x/hashing#hashing-passwords
But see the php manual also on bcrypt.
Jul 16, 2024
3
Level 1
Laravel Bcrypt for $2b passwords
Hello. I have a game server that allows players to register and their passwords are hashed with Bcrypt. I'm setting up a user control panel for the server, but when I'm trying to authenticate users I get the "This password does not use the Bcrypt algorithm." error. When I check my game server passwords and compare them to one Laravel generated, the only thing different is the first 3 letters. Laravel generates "$2y" and my server "$2b". If I change my password from $2b to $2y in the database, it allows me to log in without problem.
Does anyone know why Laravel doesn't recognize the password, and how I could remedy it? I want to say that I have tens of thousands of account already registered, and I would prefer not to touch them, but rather make Laravel recognize them.
Thanks!
Level 50
@jlrdw Salt clearly has nothing to do with their issue if changing the algorithm identifier to $2y$ works.
@syracuza $2b$ seems to indicate that the hash was generated with OpenBSD's implementation of bcrypt. Those two versions ($2y$ and $2b$) should produce identical hashes - they're just from different implementations of the same algorithm. Replacing the identifier should therefore work, but it's a bit ugly.
How is your game server hashing the passwords? Do you have control over the process?
1 like
Level 75
@JussiMannisto Just FYI, I didn't know the OP's complete problem, that's why I suggested look up bcrypt in the php manual.
Please or to participate in this conversation.