Do you need to decrypt this password again or check that a user knows this password ?
If you need to decrypt it again in the script it will only be obfuscated and anyone with enough Perl knowledge will be able to decrypt it too.
if you just need to check a user knows it you can store a hash of the password (MD5 hash should do the trick) and then compare a hash of the user attempt. To make this a little more secure you should mix the password with a salt before hashing it. This stops making a dictionary of many password hashes and then seeing if yours is already know. The salt can be stored clear along with the password hash.
Update, code added
#!/usr/bin/perl
use strict;
use warnings;
use Digest::MD5 qw (md5_base64);
print "enter a password to store: ";
my $password = <STDIN>;
my $salt = time;
my $digest = md5_base64($password.$salt);
print "salt: $salt hash: $digest\n";
my $enter = 0;
until ($enter) {
print "Speak friend and enter: ";
my $try = <STDIN>;
my $tryhash = md5_base64($try.$salt);
$enter++ if $tryhash eq $digest;
}
print "Welcome friend\n";
__END__
# output ...
enter a password to store: friend
salt: 1235062413 hash: 2eJWH+Yjy1Fw8J9wW6vmAg
Speak friend and enter: enemy
Speak friend and enter: friend
Welcome friend
Cheers, R.
Pereant, qui ante nos nostra dixerunt!
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|