Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


HASHBYTES


HASHBYTES

Author
Message
Raghavendra Mudugal
Raghavendra Mudugal
SSCommitted
SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)

Group: General Forum Members
Points: 1682 Visits: 2958
0xB9A02E529093456D139C69FC5E5D4D825B7EC24B 0xCDE457DD8AB6C020E9852FE5B6953E02631A2CB2

this is the output of your query, just wanted to know what you mean by "exact same results"....?

ww; Raghu
--
The first and the hardest SQL statement I have wrote- "select * from customers" - and I was happy and felt smart.
KrishnaChaithanya
KrishnaChaithanya
Valued Member
Valued Member (51 reputation)Valued Member (51 reputation)Valued Member (51 reputation)Valued Member (51 reputation)Valued Member (51 reputation)Valued Member (51 reputation)Valued Member (51 reputation)Valued Member (51 reputation)

Group: General Forum Members
Points: 51 Visits: 43
hearing for the first time about hashbytes.. good platform to learn new things...Cool
ma-516002
ma-516002
SSCrazy
SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)

Group: General Forum Members
Points: 2453 Visits: 321
Find some thoughts about this topic here:
http://social.msdn.microsoft.com/Forums/en-US/sqlsecurity/thread/6002f5a4-19a0-4a11-a569-e112375d3efa/
michael.kaufmann
michael.kaufmann
Ten Centuries
Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)

Group: General Forum Members
Points: 1293 Visits: 1082
Raghavendra Mudugal (2/9/2012)
0xB9A02E529093456D139C69FC5E5D4D825B7EC24B 0xCDE457DD8AB6C020E9852FE5B6953E02631A2CB2

this is the output of your query, just wanted to know what you mean by "exact same results"....?


The result is exactly the same as when running Steve's code (see the solution to the QotD in this thread).
-Michael
michael.kaufmann
michael.kaufmann
Ten Centuries
Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)

Group: General Forum Members
Points: 1293 Visits: 1082
From a coding perspective (having a random salt parameter), this URL to a post on stackoverflow.com has a nice twist to the matter.

Cheers,
Michael
rfr.ferrari
rfr.ferrari
Ten Centuries
Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)

Group: General Forum Members
Points: 1351 Visits: 13620
very good question with a complex understanding (when is necessary translate for another language)! :-D
today, I learned anything!!!


rfr.ferrari
DBA - SQL Server 2008
MCITP | MCTS

remember is live or suffer twice!
the period you fastest growing is the most difficult period of your life!

Thomas Abraham
Thomas Abraham
SSCrazy
SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)

Group: General Forum Members
Points: 2333 Visits: 2254
Thanks for the question. Hoever, I got it wrong because I used this source:

http://msdn.microsoft.com/en-us/library/cc837966(SQL.100).aspx

which says:

"It is not possible to specify the salt value in SQL Server."

Can someone please expain why this is wrong? Or why I have interpreted it incorrectly. Thanks!

Please don't go. The drones need you. They look up to you.
Connect to me on LinkedIn
Rich Weissler
Rich Weissler
SSCrazy
SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)

Group: General Forum Members
Points: 2015 Visits: 954
GPO (2/8/2012)
The SALE string? This confused me! :-P

Yeah, I decided SALE had to be a typo for SALT. (If that isn't want happened, someone please yell... I'm still assuming.)
TomThomson
TomThomson
SSChampion
SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)

Group: General Forum Members
Points: 10729 Visits: 12019
ma-516002 (2/9/2012)
Find some thoughts about this topic here:
http://social.msdn.microsoft.com/Forums/en-US/sqlsecurity/thread/6002f5a4-19a0-4a11-a569-e112375d3efa/

I hope no-one who reads that thread gets confused and is infected by this crazy notion that Hashbytes does internal salting! As Russel Fields points out: "HASHBYTES does not, in itself, use a salt key" - but despite that clear (and accurate) statement the OP (Dboy888) remained unconvinced.

Anyone who wants to can use the MDn or SHA1 servers available on the web to caculate some hashes, and then calculate the same hashes using hashbytes: they will find that hashbytes produces the same standard results as the things on the web - so clearly there is no salting going on in there.

Tom

Michael Lysons
Michael Lysons
Ten Centuries
Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)Ten Centuries (1.3K reputation)

Group: General Forum Members
Points: 1256 Visits: 1394
Blimey - a question I could answer correctly without needing to do some reading first!
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search