|
Somebody can give me a clue about these undocumented SQL Functions? each time I use PWDENCRYPT with the same data it returns a different bynary output.
(comments are locked)
|
|
PWDENCRYPT() Returns the SQL Server password hash of the input value that uses the current version of the password hashing algorithm. it will produce different hashes at different times to prevent collisions and to strengthen hashes against dictionary attacks, that process is called salting.SQL Server is using some manner of time-dependent scheme for salt generation. if a hash weren't salted, it would be easy to encrypt dictionary words using numerous hash functions PWDCOMPARE()Hashes a password and compares the hash to the hash of an existing password. PWDCOMPARE can be used to search for blank SQL Server login passwords or common weak passwords. Syntax : PWDCOMPARE ('clear_text_password', 'password_hash' [,version ] ) it returns 1 if the hash of the clear_text_password matches the password_hash parameter, and 0 if it does not.
(comments are locked)
|
|
Hope this may answer your question http://stackoverflow.com/questions/786029/sql-server-pwdencrypt-value-comparison
(comments are locked)
|
