How do you encrypt a password with hash?

Viraj_M · July 27, 2022, 11:44am

How do you use this extension by Pura Vida Apps to encrypt a password and store it to firedb?

Link- App Inventor Extensions: Tools | Pura Vida Apps

NishyanthKumar · July 27, 2022, 3:55pm

Taifun's provided us with 2 different encryption formats: SHA-1 and SHA-256.

The former outputs a 20-byte hash value, while the latter outputs a 30-byte hash value. I'd recommended going for SHA-256, since the output is pretty much unique (256 characters, giving it a total possibility count of 2^256!).

There is also HMAC SHA-256. HMAC is a type of encryption where a private key is used. A key is a unique identifier; an integer or a string on the basis of which the encryption is carried out.
There is only one specific encryption/decryption for a single key.
Pretty sure non-HMAC uses a fixed key.

The key needs to be generated and stored somewhere safe. Putting it blatantly in your code is a great way for people to get access to your data, which is something you might not want. Instead, you can create a script, stored on Google Sheets or something of the sort (Power Users, correct me if I'm wrong), or just insert the key there.

Every time you encrypt/decrypt something, you will get the same result for the same input and key; and if you keep the key safe, your traces will be practically invisible.

Viraj_M · July 27, 2022, 3:57pm

Ok. so I am using SHA-256 In my app now the thing is when I try to compare the password entered by the user to the encrypted password in the firedb It is not saying that the value is correct even tho the value is the same

Viraj_M · July 27, 2022, 3:59pm

And also I didnt see any blocks to decrypt the Hmac sha 256 so I dont know how to do that

Viraj_M · July 27, 2022, 3:59pm

Reply on this topic Since this is where I thoroughly explained my problems -

NishyanthKumar · July 27, 2022, 4:01pm

perhaps because it is not a cryptography extension.

Viraj_M · July 27, 2022, 4:01pm

Hmm true since it is a tools extension I ll see more extensions

Viraj_M · July 27, 2022, 4:09pm

So I found this extension for Asymmetric Encryption

Just the thing is its hard for me to understand how to encrypt and decrypt the password, could you explain it in brief?

Taifun · July 27, 2022, 10:11pm

You have to understand the difference between hashing and encryption algorithms. ..

There is a fundamental difference between Hashing and Encryption algorithms, see this stackoverflow answer: Hashing is one way. You can not get your data/string from a hash code. Encryption is 2 way - you can decrypt again the encrypted string if you have the key with you.
In case you are interested in Hashing, for example to create a password hash, see my Tools Extension.

For your purposes store the hash value in your database...To check, if an entered password is valid, just compare the hash values. .

Taifun