3

what are the functions of different parameters in firebase authentication

I searched the internet to get the information of the these parameters, but I was unsuccessful. What is the difference between rounds and mem_cost?What does Bw== in salt seperator mean

hash_config { algorithm: SCRYPT, base64_signer_key: jxspr8Ki0RYycVU8zykbdLGjFQ3McFUH0uiiTvC8pVMXAn210wjLNmdZJzxUECKbm0QsEmYUSDzZvpjeJ9WmXA==, base64_salt_separator: Bw==, rounds: 8, mem_cost: 14, }
Improve this question
2
  • Could you edit the question to say more about where you saw these parameters, and the code you used to generate what you're showing now? Commented Aug 12, 2019 at 17:29
  • i saw these parameters in firebase authentication,(password hash parameters) from the menu Commented Aug 12, 2019 at 17:55

2 Answers 2

Reset to default
1

Firebase Authentication uses an internal version of the scrypt password-based key derivation function to hash account passwords.

Unique hash parameters are generated for each Firebase project. These may be viewed in:

Firebase Console > Authentication > Users

Select Password Hash Parameters from the drop down in the upper-right hand corner of the users table.

Firebase Scrypt Parameters

  • algorithm - SCRYPT
  • base64_signer_key - The public key of the signer
  • base64_salt_separator - The separator to use when concatenating the hash with the salt
  • rounds - The blocksize parameter, which fine-tunes sequential memory read size and performance. An integer between 0 and 120000 (inclusive).
  • mem_cost - The memory cost. An integer between 1 and 14 (inclusive)

Additional Resources

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

could you explain what is the difference between rounds and memory cost?
@KattaOmkareshwar See updated information on hash parameters.
It looks like the upper-right hand corner of the users table in the Firebase console no longer contains a drop down; is there any updated information on how to inspect the password hash parameters for a given project?
@ChristopherPeisert thanks! I previously only had Viewer privileges on the Firebase project, which apparently is not enough to have access to the password hash parameters. Once I gained Owner privileges, the three dots appeared.
-4 
hash_config { algorithm: SCRYPT, base64_signer_key: ecUEAYeNIvBmRWc+TvdNG+EaHzoABQnQeDWLva2/Onb2iTTxVDTUZ7KdXlQpxD7pVmcM9LR6L9QzCnI8mjR64A==, base64_salt_separator: Bw==, rounds: 8, mem_cost: 14, }
Improve this answer

1 Comment

Please don't post only code as answer, but also provide an explanation what your code does and how it solves the problem of the question. Answers with an explanation are usually more helpful and of better quality, and are more likely to attract upvotes.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.