Ask coding questions

← Back to all posts
Can anyone bypass onto my REPL account? I made a secure login system.
MatthewADev (18)

HINT for you guys to do it!

Answered by Coder100 (18253) [earned 5 cycles]
View Answer
Coder100 (18253)


MatthewADev (18)

@Coder100 NOOOOOO U GOT ME D: idk how to use replit, can set it up for me


Coder100 (18253)

unfortunately your password isn't very secure i made an easy program to crack it


maybe try using replit db, no one can access it except you

Baconman321 (1097)

@Coder100 It's just a caesar cipher, which vulnerable to the KPA attack.

OldWizard209 (1544)

This is what I see in the up.txt file:

And I will not try to log in to your account using this password and your username because that is just absurd and I do not want to be a potential rule breaker

MatthewADev (18)

@OldWizard209 does it work when u try that? i tried it and it didnt work

MatthewADev (18)

@OldWizard209 oh and btw "CzJ" isnt the user. :troll:
and the password isnt that

Baconman321 (1097)

@2I9 The encrypt is basically a simple caesar cipher.

Ez to crack, I recommend hashing instead.

MatthewADev (18)

for example, with my method heres what it does.
password to r„„ˆ€ƒu and if the password is dewcent, itll add symbols such as ………€the ? mark and a invisible unicode
[still works when happen]

Baconman321 (1097)

@2I9 Hashing is like a 1-way encryption. You can't decrypt. It also generates a unique ciphertext depending on the input.

You may ask: "Why, then? How will I retrieve the password and compare?"

Answer: you don't.

Instead, you hash the password attempt and compare it to the hashed password. If they match, then the passwords are the same (because each unique input yields a unique ciphertext). If not, then they aren't a match.

You should use bcrypt, which is specially designed for password hashing:

I don't know python, so I can't help you there. Try posting another question on how to do hashing with bcrypt if you are stuck.