Library that supports $2y$ prefix in Bcrypt - Phoenix?

Let's say I have a set of passwords using Bcrypt with the $2y$ prefix. Now I am moving to Elixir for my website, so I am using Comeonin as the password hashing library. When I check my old passwords using the following function

     Comeonin.Bcrypt.checkpw("hard to guess", stored_hash)

I am getting an argument error like

Comeonin Bcrypt does not support the 2y prefix

Later I came to know that the Comeonin lib does not support validating passwords using bcrypt with the $2y$ prefix. Is there any other library that supports the $2y$ prefix?

Example:

     Comeonin.Bcrypt.checkpw("pass1234", "$2y$12$qGz.0gYxDW//STSqUxPmL.6.36MlZuJh.AuWGDT7Yo25rUbNN6Qui")

If I understand correctly this:

The $2y$ prefix is not a standard prefix but something added by PHP devs when they fixed their own implementation. I do think that anything else than PHP supports such a prefix.

I do think that it may work just fine if you update your prefixes from $2y$ to something like $2a$ before checking the password. Do it on the fly with a regular expression before passing to Comeonin.

1 Like

Yes, changing $2y$ to $2a$ is working fine, but I would like to know: is it a safe approach?

I am basing my knowledge on the link above, but as far as I understand $2y$ is simply equivalent to $2a$, marking that it’s generated using the previously broken - and now corrected - PHP implementation. In my opinion this should work just fine.

1 Like
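The on-the-fly prefix rewrite suggested in this thread, as an added example (not code from any poster or from Comeonin): it rewrites only a leading `$2y$`, rejects strings that are not well-formed bcrypt hashes, and flags legacy hashes so they can be re-hashed after a successful login. The module `LegacyBcrypt` and its function names are hypothetical; the checker is passed in as an argument, for example `&Comeonin.Bcrypt.checkpw/2`.

```elixir
defmodule LegacyBcrypt do
  @moduledoc "Added example: accept PHP-style $2y$ bcrypt hashes in an Elixir app."

  # Modular crypt format: $<id>$<2-digit cost>$<22-char salt><31-char digest>.
  # Salt and digest use bcrypt's base64 alphabet (./A-Za-z0-9), 53 chars total.
  # Anchored with \A and \z so nothing may precede or follow the hash.
  defp format, do: ~r{\A\$(2[aby])\$(\d{2})\$([./A-Za-z0-9]{53})\z}

  @doc """
  Returns {:ok, hash, legacy?} with a leading $2y$ rewritten to $2a$,
  or {:error, :malformed_hash} when the string is not a well-formed bcrypt hash.
  """
  def normalize(stored) when is_binary(stored) do
    case Regex.run(format(), stored) do
      # Only the identifier changes; cost, salt and digest are kept byte for byte.
      [_, "2y", cost, rest] -> {:ok, "$2a$" <> cost <> "$" <> rest, true}
      [_, _id, _cost, _rest] -> {:ok, stored, false}
      nil -> {:error, :malformed_hash}
    end
  end

  def normalize(_), do: {:error, :malformed_hash}

  @doc """
  Checks a password against a stored hash. `check` is any 2-arity function
  (password, hash) -> boolean. Returns :ok, {:ok, :rehash} when the stored
  hash carried the legacy prefix and should be replaced, or :error.
  """
  def verify(password, stored, check) when is_function(check, 2) do
    case normalize(stored) do
      {:ok, hash, legacy?} ->
        cond do
          not check.(password, hash) -> :error
          legacy? -> {:ok, :rehash}
          true -> :ok
        end

      # Malformed input (truncated, padded, or containing invisible
      # characters picked up by copy and paste) never reaches the checker.
      {:error, _reason} ->
        :error
    end
  end
end
```

On `{:ok, :rehash}`, hash the just-verified password again with the library's current settings and store the result, so the `$2y$` rows disappear as users log in.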