http://www.perlmonks.org?node_id=961618


in reply to Re^3: Password Encryption and Decryption
in thread Password Encryption and Decryption

No, noone is failing to say that. Everyone but you is realizing that storing a hashed password isn't going to solve the OPs problem.

Here's an example how hashed passwords are utterly useless: You have an application that needs access to a database. Access is password controlled. I give you the hashed password, and tell you to write a script to retrieve a piece of data from the database. Now, what's your plan? How do you intend to use this hashed password?

Hashed passwords are great if your purpose is to check whether a given password is valid. However, the point of hashing passwords is to make retrieving them impractical. Which means that if you need the plain text password, hashed passwords are not the answer.

  • Comment on Re^4: Password Encryption and Decryption

Replies are listed 'Best First'.
Re^5: Password Encryption and Decryption
by grantm (Parson) on Mar 27, 2012 at 00:25 UTC
    Hashed passwords are great if your purpose is to check whether a given password is valid.

    Which is what I understand the original requirements to be. They are a bit unclear - I interpreted them as needing to check a password, you interpreted them as needing a password in clear text (perhaps to pass to a DB or something else).