What you are doing with Digest::MD5 is not actually a crypt-style MD5 digest. It is just a simple MD5 digest with a constant component (what you have erroneously called the "salt") tacked on the end of the digest source. While it is still better than storing the plain text directly, it is not as good as actual MD5 crypt. A good explanation of what MD5 crypt is beyond a simple MD5 hash, go here (read the larger presentation about bcrypt, as well, if you like).
Whether your simple system actually needs to use a crypt-style system is up to you. The idea of crypt and cousins is to increase the computational cost of checking a password. The trade-off is between responsiveness for legitimate users and deterrence of brute-force and dictionary attacks. The simple MD5 hash is almost certainly lower on this scale that traditional, DES-based crypt, and definitely below MD5 crypt. In my case, I would probably choose MD5 crypt (or SHA crypt or bcrypt, if feasible), in most cases, since I like to do whatever simple things I can to make myself feel more secure.
In terms of implementation, there are two possibilities that I'll mention (who knows what others there are):
- Your operating system's version of crypt already supports extended variants of crypt (MD5, SHA, or bcrypt). This means that the crypt command built in to Perl already supports these variants. There is a good explanation of using built-in MD5 crypt here. (Read the reply to that node for some good caveats as well.)
- Use Crypt::PasswdMD5 for a pure Perl implementation of the MD5 crypt algorithm. (DISCLAIMER: I've never actually used this myself, YMMV)
Other than that complaint, I'd say what I've read of the course is generally quite well written, thought out, and researched.