A library to help you hash passwords. You can read about bcrypt in Wikipedia as well as in the following article: How To Safely Store A Password
For ease I recommend using the Boss (Dependency Manager for Delphi) for installation, simply by running the command below on a terminal (Windows PowerShell for example):
boss install https://github.com/viniciussanchez/bcrypt
If you choose to install manually, simply add the following folders to your project, in Project > Options > Resource Compiler > Directories and Conditionals > Include file search path
../bcrypt/src
var
LHash: string;
begin
LHash := TBCrypt.GenerateHash(password, cost, type);
end;
Where
-
password
is the password to be hashed -
type
is one of THashType.PHP, THashType.BSD, or THashType.Default, THashType.BSD is the default$2a$ -
cost
is a number between 10 and 30, default is 10
var
LVerify : Boolean;
begin
LVerify := TBCrypt.CompareHash(password, hash);
end;
Where
-
password
is the password to be verified -
hash
is a hash generated, similar to$2y$12$GuC.Gk2YDsp8Yvga.IuSNOWM0fxEIsAEaWC1hqEI14Wa.7Ps3iYFq
var
LHashInfo: THashInfo;
LSalt, LHash: string;
LHashType: THashType;
LCost: Word;
begin
LHashInfo := TBCrypt.GetHashInfo(hash);
LCost := LHashInfo.Cost;
LSalt := LHashInfo.Salt;
LHash := LHashInfo.Hash;
LHashType := LHashInfo.&Type;
Where
hash
is a hash generated
var
LNeeds : Boolean;
begin
LNeeds := TBCrypt.NeedsRehash(hash, cost);
end;
Where
-
hash
is a hash, similar to$2y$12$GuC.Gk2YDsp8Yvga.IuSNOWM0fxEIsAEaWC1hqEI14Wa.7Ps3iYFq
-
cost
is a number between 10 and 30, default is 10
The characters that comprise the resultant hash are:
./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
Resultant hashes will be 60 characters long.
The code for this comes from a few sources: