I’m curious why you chose to base64 encode the hash with this function? I have always used, and have always seen used by others the straight 32 byte hash - is there something different with the way servoy is doing things?
Hi Ryan,
I don’t know the real reasons why it’s implemented the way it is but it might have something to do with the hash being binary and a base64 result being text.
Text can be easily stored in a database using char/varchar/text while for a binary you need to use a BLOB or perhaps by using JSON to, you guessed it, transform it into text.
Hope this helps.
Btw a nice read on password security can be found here: The art of storing passwords - Md5 hash database
Probably should have clarified…I know that the actual hash is binary what I meant to say is why use a base64 representation of it rather than the 32 byte hexdigest which seems more popular (at least in my experience).