Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Re: Crypt::CBC and verifying passwords

by Ryszard (Priest)
on May 19, 2004 at 18:02 UTC ( #354702=note: print w/ replies, xml ) Need Help??


in reply to Crypt::CBC and verifying passwords

You really should know that storing passwords client side in a cookie is a bad idea. Encrypt and compare baby, all the way, SERVER side.


Comment on Re: Crypt::CBC and verifying passwords
Replies are listed 'Best First'.
Re: Re: Crypt::CBC and verifying passwords
by geektron (Curate) on May 19, 2004 at 18:05 UTC
    i'm aware that (unencrypted) almost anything in a cookie is a Bad Idea ™, but without rearchitecting this whole application, i'm stuck with encrypted cookies.

    encrypted in cookie, decrypted and compared server side.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://354702]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (7)
As of 2015-07-08 00:32 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (93 votes), past polls