http://www.perlmonks.org?node_id=677770


in reply to encryption and decryption

First, understand that security is harder than you think it is. I'm a security professional, and every day I still discover that security is harder than I thought in some way.

It concerns me that you're asking about "decryption" for passwords. Password-based authentication systems that are any kind of secure never decrypt anything. Instead, they store a one-way (i.e. irreversible) hash of the password. Then, when a user enters a password, the same hash algorithm is applied to it -- if that hash matches the stored hash, then the passwords were the same.

If this is what you want to do, I strongly suggest looking at using Crypt::Eksblowfish::Bcrypt. The Bcrypt algorithm is similar to crypt, but has several very nice security features. This algorithm is the default for FreeBSD as well -- widely considered one of the most security-conscious OS's available.

On the off chance that you are really needing to store an encrypted password that needs to be decrypted (for example, if you'll be using the password to log into some service automatically, and want to store it securely), I suggest using AES; this is also known as Rijndael. You'll need Crypt::CBC and Crypt::Rijndael for this purpose.

<radiant.matrix>
Ramblings and references
The Code that can be seen is not the true Code
I haven't found a problem yet that can't be solved by a well-placed trebuchet