diff --git a/src/modules/module_23400.c b/src/modules/module_23400.c
index c40f46f34..98a35b512 100644
--- a/src/modules/module_23400.c
+++ b/src/modules/module_23400.c
@@ -24,7 +24,7 @@ static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
 static const u64   OPTS_TYPE      = OPTS_TYPE_PT_GENERATE_LE;
 static const u32   SALT_TYPE      = SALT_TYPE_EMBEDDED;
 static const char *ST_PASS        = "hashcat";
-static const char *ST_HASH        = "$bitwarden$1*100000*noreply@hashcat.net*zAXL7noQxkIJG82vWuqyDsnoqnKAVU7gE/8IRI6BlMs=";
+static const char *ST_HASH        = "$bitwarden$1*100000*bm9yZXBseUBoYXNoY2F0Lm5ldA==*zAXL7noQxkIJG82vWuqyDsnoqnKAVU7gE/8IRI6BlMs=";
 
 u32         module_attack_exec    (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC;     }
 u32         module_dgst_pos0      (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0;       }
@@ -123,8 +123,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
                    | TOKEN_ATTR_VERIFY_DIGIT;
 
   token.sep[3]     = '*';
-  token.len_min[3] = SALT_MIN;
-  token.len_max[3] = SALT_MAX;
+  token.len_min[3] = 1;
+  token.len_max[3] = ((SALT_MAX * 8) / 6) + 3;
   token.attr[3]    = TOKEN_ATTR_VERIFY_LENGTH;
 
   token.sep[4]     = '*';
@@ -159,18 +159,25 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
   const u8 *salt_pos = token.buf[3];
   const int salt_len = token.len[3];
 
-  const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len);
+  u8 tmp_buf[SALT_MAX + 1] = { 0 };
 
-  if (parse_rc == false) return (PARSER_SALT_LENGTH);
+  int tmp_len = base64_decode (base64_to_int, salt_pos, salt_len, tmp_buf);
+
+  if (tmp_len <        1) return (PARSER_SALT_LENGTH);
+  if (tmp_len > SALT_MAX) return (PARSER_SALT_LENGTH);
+
+  memcpy (salt->salt_buf, tmp_buf, tmp_len);
+
+  salt->salt_len = tmp_len;
 
   // hash
 
   const u8 *hash_pos = token.buf[4];
   const int hash_len = token.len[4];
 
-  u8 tmp_buf[100] = { 0 };
+  memset (tmp_buf, 0, sizeof (tmp_buf));
 
-  int tmp_len = base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf);
+  tmp_len = base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf);
 
   if (tmp_len != 32) return (PARSER_HASH_LENGTH);
 
@@ -194,9 +201,11 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
 
   // salt_buf
 
-  u8 salt_buf[SALT_MAX + 1] = { 0 };
+  #define SALT_LEN_BASE64 ((SALT_MAX * 8) / 6) + 3
+
+  u8 salt_buf[SALT_LEN_BASE64] = { 0 };
 
-  generic_salt_encode (hashconfig, (const u8 *) salt->salt_buf, (const int) salt->salt_len, (u8 *) salt_buf);
+  base64_encode (int_to_base64, (const u8 *) salt->salt_buf, (const int) salt->salt_len, salt_buf);
 
   // hash_buf
 
diff --git a/tools/test_modules/m23400.pm b/tools/test_modules/m23400.pm
index b4c8e1794..0981b0db0 100644
--- a/tools/test_modules/m23400.pm
+++ b/tools/test_modules/m23400.pm
@@ -11,7 +11,7 @@ use warnings;
 use Crypt::PBKDF2;
 use MIME::Base64 qw (encode_base64 decode_base64);
 
-sub module_constraints { [[0, 256], [0, 256], [-1, -1], [-1, -1], [-1, -1]] }
+sub module_constraints { [[0, 256], [1, 256], [-1, -1], [-1, -1], [-1, -1]] }
 
 sub module_generate_hash
 {
@@ -38,7 +38,7 @@ sub module_generate_hash
   my $digest1 = $kdf1->PBKDF2 ($email, $word);
   my $digest2 = $kdf2->PBKDF2 ($word, $digest1); # position of $word switched !
 
-  my $hash = sprintf ("\$bitwarden\$1*%d*%s*%s", $iter, $email, encode_base64 ($digest2, ""));
+  my $hash = sprintf ("\$bitwarden\$1*%d*%s*%s", $iter, encode_base64 ($email, ""), encode_base64 ($digest2, ""));
 
   return $hash;
 }
@@ -56,19 +56,22 @@ sub module_verify_hash
 
   return unless substr ($hash, 0, 12) eq '$bitwarden$1';
 
-  my ($type, $iter, $salt, $hash_base64) = split ('\*', $hash);
+  my ($type, $iter, $salt_base64, $hash_base64) = split ('\*', $hash);
 
   return unless defined ($type);
   return unless defined ($iter);
-  return unless defined ($salt);
+  return unless defined ($salt_base64);
   return unless defined ($hash_base64);
 
   $type = substr ($type, 11);
 
   return unless ($type eq '1');
   return unless ($iter =~ m/^[0-9]{1,7}$/);
+  return unless ($salt_base64 =~ m/^[a-zA-Z0-9+\/=]+$/);
   return unless ($hash_base64 =~ m/^[a-zA-Z0-9+\/=]+$/);
 
+  my $salt = decode_base64 ($salt_base64);
+
   my $word_packed = pack_if_HEX_notation ($word);
 
   my $new_hash = module_generate_hash ($word_packed, $salt, $iter);