You have to compare the unhashed value against the hashed SSHA256 value before commit. You have to iterate through the history (a direct XPath/OQL query is not possible) and call the Java compare function, which looks something like this:
// Read the stored (hashed) password member and verify the unhashed candidate against it
MendixHashString password = (MendixHashString) __account.getMember(this.getContext(), "Password");
return password.verifyValue(this.getContext(), this.unhashedPassword);
There is no way to compare hashes after commit when you don't have the unhashed password, because of the salt (it is only possible for unsalted passwords, such as SHA-256, MD5, and so on).
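The check described above, sketched in plain Java as an added example (not code from the original posts and not Mendix's implementation). A generic salted SHA-256 scheme stands in for SSHA256; the class name, stored format and sample passwords are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;

public class PasswordHistoryCheck {
    private static final int SALT_LEN = 16;
    private static final SecureRandom RNG = new SecureRandom();

    // Assumed stored form: base64(salt || SHA-256(salt || password)); a stand-in, not Mendix's format.
    static String hash(String password) throws Exception {
        byte[] salt = new byte[SALT_LEN];
        RNG.nextBytes(salt);
        byte[] digest = digest(salt, password);
        byte[] out = Arrays.copyOf(salt, SALT_LEN + digest.length);
        System.arraycopy(digest, 0, out, SALT_LEN, digest.length);
        return Base64.getEncoder().encodeToString(out);
    }

    static byte[] digest(byte[] salt, String password) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(salt);
        return md.digest(password.getBytes(StandardCharsets.UTF_8));
    }

    // Re-derive the digest with the stored salt and compare in constant time.
    static boolean verify(String stored, String candidate) throws Exception {
        byte[] raw = Base64.getDecoder().decode(stored);
        byte[] salt = Arrays.copyOfRange(raw, 0, SALT_LEN);
        byte[] expected = Arrays.copyOfRange(raw, SALT_LEN, raw.length);
        return MessageDigest.isEqual(expected, digest(salt, candidate));
    }

    // Has to run before commit, while the unhashed candidate is still available.
    static boolean isReused(List<String> history, String candidate) throws Exception {
        boolean reused = false;
        for (String stored : history) reused |= verify(stored, candidate);
        return reused;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample history entries
        List<String> history = Arrays.asList(hash("Winter2023!"), hash("Spring2024!"));
        // Compares two salted hashes of the same password string to string
        System.out.println(hash("Spring2024!").equals(history.get(1)));
        System.out.println(isReused(history, "Spring2024!"));
        System.out.println(isReused(history, "Summer2024!"));
    }
}
```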
Hi, did you check the Community Commons app in the appstore for the Hash (Hashes a value using the SHA-256 hash algorithm) function?
Hi Martijn,
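We have the same functionality here; we use
// Requires java.security.MessageDigest, java.nio.charset.StandardCharsets, java.util.Base64
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(value.getBytes(StandardCharsets.UTF_8));
// Encode the raw digest bytes directly; new String(md.digest()) would corrupt them through charset decoding
return Base64.getEncoder().encodeToString(md.digest());
to get a hash. The password history is only accessible for the owner user and only used in a microflow to find whether a password is already used. So we don't need to protect these hashes because they cannot be read and analysed outside the system.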