Issue with setting up credentials for multiple users directly in the database.

hardikaj · March 3, 2021, 11:07am

Application Name: Reference Application Version Number: 2.11.0

Hello everyone!

I am trying to add new users in bulk( let’s suppose 100) directly in the database since it will be easy.

I have created a person and then a user in the database.

Now I want to assign login credentials to it.

Does anyone know how to set up password and salt directly in the database?

Also, if someone could tell me how the password and salt are stored in the database and which hashing algorithm is used?(I found out that it uses SHA512 hashing algorithm but how does it use it? From where is the salt generated? How is the password and salt hashed and stored in the database so I can do it directly?)

Any help is welcome!

gcliff · March 3, 2021, 11:24am

@hardikaj the easiest way is to put the salt in front of the password and hash the combined text string.

The salt is not an encryption key, so it can be stored in the password database along with the username – it serves merely to prevent two users with the same password getting the same hash.

can this help

hardikaj · March 3, 2021, 11:53am

Thanks for such fast reply!

Yes i found out what I was looking for!

hardikaj · March 3, 2021, 12:29pm

For anyone who is wondering how the password + salt work in the database, here’s is an example:

Let’s say the password is ‘Admin123’ and the salt is ‘abcdef’

Firstly, hash the salt using SHA512, you will get something like this ‘e32ef19623e8ed9d267f657a81944b3d07adbb768518068e88435745564e8d4150a0a703be2a7d88b61e3d390c2bb97e2d4c311fdc69d6b1267f05f59aa920e7’. This above value is stored in salt column of users table in the database.

Then hash the password + salt combo using SHA512. So hash ‘Admin123e32ef19623e8ed9d267f657a81944b3d07adbb768518068e88435745564e8d4150a0a703be2a7d88b61e3d390c2bb97e2d4c311fdc69d6b1267f05f59aa920e7’ , you will get something like this ‘2925bc4bedb3a5e5a4a93731220909093518c9fe28a72ab33f166c39f59fdfc1e36e157fbacad63f6b82d551ce8843c1abf0bcee3dce607e785da33380f1c212’. This above value is stored in password column of users table in the database.

In this way you can assign password and salt for multiple users for bulk addition.

Hope this was helpful!

dkayiwa · March 3, 2021, 12:52pm

Thanks @hardikaj for the spirit of sharing!