Ok, a few things here. Hashing and encryption are very different. Hashing takes some input, often an arbitrarily large string, and then creates a finite-length hash from that. Inevitably, this means that there are collisions
. Because of this (and a little bit more than that), hashing is called "one way". That is, you can't take a hash and programatically know what the string was that was the basis for that hash. This is different from encryption, which is "two way" and can be reversed precisely.
What you may be trying to do here is replicate how passwords are stored in real life. In real life, when you transmit your password to Facebook or anything, rather than storing it in plain text on their server or even encrypted, which isn't considered secure enough, a hash of your password is stored. When you go to log in, they hash your password and compare it to the hash they have stored. As I mentioned, there are collisions, so there is a very small probability that the wrong password was entered, but it's small enough that it isn't an issue.
Now, what you have here
- Code: Select all
if(password == password2):
will never be true. That's because "password" is a 40-digit hex digest and "password2" is a 20-digit binary digest. They can never
be equal because their lengths are different. I'm not quite sure what you were really trying to accomplish here.
I hope to have illuminated some misconception, but if you have any more specific questions, do feel free to post. In fact, it'd be much appreciated if you let us know what you were trying to accomplish and what you end up with, so that if we see similar questions in the future we could help people more quickly.