- Use * for wildcard searches (wildcar*)
- Use ? to match a single character (gr?y matches grey and gray)
- Use double quotes to find a phrase (“specific phrase”)
- Use + for an exact match (+perform returns only perform)
- Use - to exclude a word ( -excluded)
- Use Boolean operators: AND, OR, NOT, and NEAR
Password Hashing Checker
Password Hashing makes password storage and management more secure. Hashing uses a formula to transform a password into a predictable, yet encrypted form that obscures the actual password and makes it much harder for bad actors to decipher it.
When using a one-way hashing algorithm, a bad actor would benefit even less from gaining access to the encoded password. These one-way hashing algorithms make it near impossible to get the original password even when you know the output and the algorithm used to create that output. Hashing algorithms are an important part of securing digital properties, but it shouldn’t be the only thing. Consider password hashing part of a more comprehensive security approach.
When comparing password hashing algorithms, you have to verify that you have the same input for both hashing algorithms by taking that input and putting it through each algorithm to see if you get the same output (note that rare “hash collisions” can occur where two inputs generate the same output, so you still can’t be 100% sure you have the right input).
This Password Hashing Checker tool is useful when you have a system of hashed passwords and want to transfer the hashed passwords over to another system. There are several reasons why you may want to do this:- Migrating to a new directory
- Creating a backup system
- Distributing load for scale
Migrating to a new directory
Creating a backup system
Distributing load for scale
You want to ensure that the new system you’re moving too will accept your hashed or pre-encoded passwords. For example, you can import users and their pre-encoded passwords into PingOne for Customers, but, for PingOne for Customers to be able to support it when a user authenticates, we’ll need to be able to reproduce the hashed password in the same way. If the original system and the one you’re moving two use two different hashing algorithms, a user might be able to authenticate into one but not the other.
Use the tool by following these steps:- Grab a test password and salt.
- Run the test password and salt through your program that encodes the password using a given algorithm.
- Use the same test password and salt and input them into the respective fields in this tool.
- Choose the same algorithm.
- Press the “Hash It” button.
- Compare the output here with the output from your program.
- If the outputs are equal, then your program aligns with the LDAP hashed password algorithm and one that PingOne for Customers accepts!
*Not meant for use with real passwords.Grab a test password and salt.
Run the test password and salt through your program that encodes the password using a given algorithm.
Use the same test password and salt and input them into the respective fields in this tool.
Choose the same algorithm.
Press the “Hash It” button.
Compare the output here with the output from your program.
If the outputs are equal, then your program aligns with the LDAP hashed password algorithm and one that PingOne for Customers accepts!
*Use a dummy password!
Developer Tools
Check out our developer tools to help you work with SAML, JWTs, PKCE, OAuth, OIDC, and more!
Try it outDeveloper Community
Visit our community portal to find answers to your Ping Identity questions from other developer members in our community.
Join the discussion