Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re: Re: Web based password management (or how *not* to blame tye)

by maverick (Curate)
on Mar 24, 2002 at 21:43 UTC ( #153941=note: print w/replies, xml ) Need Help??


in reply to Re: Web based password management (or how *not* to blame tye)
in thread Web based password management (or how *not* to blame tye)

um...ya..duh. Pardon the blonde moment. I was thinking of a different scheme and combined two. The javascript md5 thing would work if you sent along a random salt into the login page, then the password (or the md5 crypted password) is crypted with this salt and then sent to the server. Thus capturing it wouldn't do any good, since to login again, there would be a different salt.

Better?

/\/\averick
perl -l -e "eval pack('h*','072796e6470272f2c5f2c5166756279636b672');"

  • Comment on Re: Re: Web based password management (or how *not* to blame tye)

Replies are listed 'Best First'.
Re: Re: Re: Web based password management (or how *not* to blame tye)
by belg4mit (Prior) on Mar 24, 2002 at 21:45 UTC
    Yeah, that would be closer to what I did in the past ;-) I used the session ID as the salt. And reset the session on failed attempts.

    --
    perl -pe "s/\b;([st])/'\1/mg"

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://153941]
help
Chatterbox?
and not a whimper to be heard...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (8)
As of 2018-05-24 18:17 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Notices?