Beefy Boxes and Bandwidth Generously Provided by pair Networks vroom
Don't ask to ask, just ask
 
PerlMonks  

Re: Embeded passwords

by flexvault (Vicar)
on Aug 29, 2012 at 17:58 UTC ( #990521=note: print w/ replies, xml ) Need Help??


in reply to Embeded passwords

TechFly,

I did something like this for a web-site that uses 'http' and not 'https'. The site required the user to login before seeing his information. The purpose was to prevent malicious updating of user information by hackers, and the site did not hold any sensitive information. The solution was to develop a mathematical Perl algorithm on the server side, and a javascript generated mathematical response from the PC.

The 'cgi-bin' Perl script would send a 'login' screen with dynamically generated tokens that when the person typed the password, javascript would change the tokens to a new set that was sent to the server. Perl on the server would process the new tokens and use the server side 'password' and if they matched correctly, then the user was logged in. The tokens never repeated, and were generated so that they had to be used within 1 minute. If this is what you need, I'll find the code and post it.

For our purposes this was safe enough!

Regards...Ed

"Well done is better than well said." - Benjamin Franklin


Comment on Re: Embeded passwords

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://990521]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (8)
As of 2014-04-19 12:40 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (480 votes), past polls