I was using Laravel to register the users. It uses bcrypt like so:

$2y$10$kb9T4WXdz5aKLSZX1OkpMOx.3ogUn9QX8GRZ93rd99i7VLKmeoXXX

I am currently making another script that will authenticate users from another source using python. I installed py-bcrypt and tried it. The format is as follows:

$2a$10$Vj0b0GZegbpXIIpa/lvi9OjkAFJ5zNzziVRW7yN9ssDKVQDX47XXX

But on python I cannot authenticate the user because of invalid salt.

I noticed that Laravel bcrypt uses $2y while python uses $2a. How do I get around this?

notes:

I used 10 rounds for both crypts.

I just found out that the 2a and 2y are very similar except for the name(prefix).

replacing 2y of the laravel hash, to 2a still keeps the integrity of the hash and should work properly and match the password even if you replace the identity.

In my case (question) the solution was to use str.replace('$2y$', '$2a$') and it all worked well. Now the py-bcrypt accepts the hash without the error invalid salt.

Good Luck guys.