Jump to content
View in the app

A better way to browse. Learn more.
Pulseway

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Salted Password

Posted

i extend my enterprise servers capabilities by own applications and i use the pc monitor logon (username/passwort) to authenticate.

i had to notice that my notification router (the app) cannot be used anymore since the passwords are salted before stored into the database. has the salting started with an update of the enterprise server? i didn't install/change something.

i need to know the salting algorithm to make that working again, i have to be able to calculate the salted-hash outside the enterprise server in my own application.

Featured Replies

We cannot provide the salting algorithm but we can surely help you authenticate using your own applications.

Please email us your requirements and we will do our best to help and, if needed, extend the API to support them.

  • Author

my requirement is that my own application (only one by now, but it will become more) is able to authenticate against the user accounts in the pcmonitor database. at http://watch.esecure.at/nr for example you provide a username and a password and the website authenticates against the database.

i have seen a passwortSalted binary-field in the accounts table. does this mean i can choose using salted passwords or unsalted md5?

an api is only the second best solution because i want my application work stand-alone, even when the enterprise server itself stops operation. but maybe you have a good idea on that issue. my only solution by now would be to have seperate passwords for pcmonitor itself and my applications.

  • Author

i would like to understand the reason for the salting of the passwords in this case. salting itself is clear because then often used passwords do not appear in any md5 cracking database. it is the nature of md5 hashing that a simple change in the clear-text results in a very different hash, so just adding an "a" for example is already a good salting because it completely changes the hash.

wouldn't it be possible to use a salting-parameter (a short formula, a text extension etc...) per enterprise server and the license owner is allowed to know? this would make it possible for the operaters of enterprise servers to use own authentication methods.

We will add an option in the PC Monitor Admin app to use your own salting parameter. It will then be combined with your server Url to make it unique for each Enterprise Server instance.

    •

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.