verifyBCryptHash

This function compares a plaintext entry to the hashed string.
NOTE 1:Hashing is one-way, so you can't "decrypt" a hashed value. You have to hash the value you want to check and then compare that to the saved hash.
NOTE 2: The version and rounds don't need to be specified because they are included at the beginning of the hashed string.

verifyBCryptHash(plaintext,hashedstring); → returns boolean

This function requires Adobe ColdFusion 2021 and up.  Not supported on Lucee, etc.
  1. CFDocs
  2. Functions
  3. ColdFusion 2021 New Functions and Tags
  4. verifyBCryptHash
  5. CF2021+
  6. 0 Issue
  7. Edit
See Also:   generateBCryptHash   generateSCryptHash   verifySCryptHash   hash   encrypt   decrypt   generateSecretKey

Argument Reference

plaintext string
Required

The unhashed string to compare.

hashedstring string
Required

The hashed string to compare.

Links more information about verifyBCryptHash

Examples
Sample code invoking the verifyBCryptHash function

This is an example of using the function to check against a hashed value.

secretMsg="$2a$10$.jQX1KnwPzhvVet0vEENnOlO8C70oM8GQhu0MQnCgcIlWhguWb3q.";
checkMe="My voice is my passport. Verify me."
writeOutput(verifyBCryptHash(checkMe,secretMsg);

Expected Result: YES

This is an example of using the function to check against a hashed value when the options were previously set.

secretMsg="$2b$05$Cf4c5OFks8s8QKrByuEA7OHQDKSKPs5217L0H1DowfFLY3RLbFi4a";
checkMe="Setec Astronomy"
writeOutput(verifyBCryptHash(checkMe,secretMsg);

Expected Result: YES

Signup for cfbreak to stay updated on the latest news from the ColdFusion / CFML community. One email, every friday.

Fork me on GitHub