Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re: encryption in perl

by radiantmatrix (Parson)
on Jun 06, 2012 at 20:28 UTC ( #974826=note: print w/ replies, xml ) Need Help??


in reply to encryption in perl

Please make sure you examine why you're encrypting passwords. If you're storing passwords your app must use to log-in to another service, OK. If these are passwords that people or applications will use to authenticate to you, you should be using a salted one-way hash (see this article for a nice overview).

Basically, you want to use some thing like Math::Random::Secure to generate a secure "salt", add that salt to the password, then hash the whole thing with Crypt::Eksblowfish::Bcrypt or the sha512 methods from Digest::SHA. Don't forget to store the salt, too, or you'll have trouble on check.

When you check the user's password input, you retrieve the salt and the hash, hash the salt with the provided password, and compare the hash you just generated to the one you stored. If they match, the user provided the right password.

<radiant.matrix>
Ramblings and references
“A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.” Herm Albright
I haven't found a problem yet that can't be solved by a well-placed trebuchet


Comment on Re: encryption in perl
Download Code
Re^2: encryption in perl
by rashlin (Novice) on Jun 10, 2012 at 14:23 UTC
    thanks for your responses, i need to be able to decrypt it, the password is needed to connect to an external application.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://974826]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (6)
As of 2014-09-23 03:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (210 votes), past polls