Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re^2: Password Encryption and Decryption

by slayedbylucifer (Scribe)
on Mar 24, 2012 at 11:27 UTC ( #961388=note: print w/ replies, xml ) Need Help??


in reply to Re: Password Encryption and Decryption
in thread Password Encryption and Decryption

thanks grantm. What you have suggested can get me my head spinning towards a whole new approach. I will play around in my spare time. That's a really good suggestion. thanks.


Comment on Re^2: Password Encryption and Decryption
Re^3: Password Encryption and Decryption
by spiros (Beadle) on Aug 13, 2012 at 14:59 UTC
    You can check out Crypt::SaltedHash which implements this - http://search.cpan.org/~esskar/Crypt-SaltedHash-0.06/lib/Crypt/SaltedHash.pm
      I'm not sure that will work as he's trying to login to his AD account with this script. With this password so his script having a hash won't help him unless he's prepared to put the password in again and if he is then his script can't be automated. I'm faced with the same issue, we can't have plaintext passwords, but we want to automate the process of logging into the system to make sure it's avaialble for use. What is the preffered secure way of doing this? Even if we create a service account for this we can't reduce the priviledges enough to satisfy security so there has got to be a way that makes sense. What about something like this: The passwords are stored in an ecrypted file in another location other than the script. The script decrypts the file reads the password and then makes the appropriate checks. (Someone mentioned this earlier I know) The problem is how to do this securely so that the person cannot get the password from the script even if he just runs the code written in the script? When an admin user on a windows system wants to setup a service to run using a specific account they do punch the password into an window that stores the password somewhere for future use. This must be protected somehow no? Perhaps the method is in binary so it makes it a bit harder to thwart?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://961388]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (9)
As of 2014-10-21 08:15 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (98 votes), past polls