Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: Keeping a password safe.

by bitingduck (Chaplain)
on Jun 09, 2012 at 04:42 UTC ( #975274=note: print w/replies, xml ) Need Help??


in reply to Keeping a password safe.

Passwords for what purpose?

If you're storing them in a keychain, then the best you can do is encrypt them (preferably salted) and only decrypt as little as you need to use them. But as moritz says, anybody with system access can get to them.

If it's passwords supplied by users that you're storing to authenticate them later, you salt them and hash them with a one-way function and store that, then for authentication you take the user input, apply the salt and one way function and compare that with the stored one. You can make things harder by making the hash take longer.

Replies are listed 'Best First'.
Re^2: Keeping a password safe.
by Steve_BZ (Chaplain) on Jun 10, 2012 at 02:12 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://975274]
help
Chatterbox?
[stevieb]: interestingly enough, someone else got my Devel::Examine:: Subs distribution for their PRC, and I applaud the change. This dist is extremely complicated and mostly obfu, but the person doing it understood PPI enough to change...
[stevieb]: ...something I had overlooked in the extreme depths of the core functionality. After merging, then a couple of extra tweaks, I still have 100% test coverage. Yay for people who write tests!

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (5)
As of 2017-01-24 01:22 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you watch meteor showers?




    Results (199 votes). Check out past polls.