in reply to
pure Perl SHA-256 crypt()
I wonder if this is an appropriate time for your company to Meditate on whether now might be a very good time to replace that authentication mechanism with, say, LDAP?
There are many good reasons to consider such a thing, especially when multiple hardware platforms are beginning to enter the mix. It is at such a juncture that systems begin to become un-manageable, i.e. strictly from a corporate infrastructure-management point of view. You really do want to be able to control everything from one centralized, consistent administrative interface. This is usually not how systems begin, but when the bullet is finally bitten and the legacy systems are changed, the company often breathes an immense sigh of relief. I personally suggest that the idea should be submitted for very serious consideration. Perhaps, to quote Ensign Chekov, “Now would be a very good time, Scotty...”