Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: Password Encryption

by derby (Abbot)
on Aug 20, 2002 at 08:17 UTC ( [id://191408]=note: print w/replies, xml ) Need Help??


in reply to Password Encryption

For storing passwords, you really don't want encryption, you want a one-way hash function such as crypt. This allows you to safely "encrypt" (one-way hash) a word but you can never really decrypt. In order to check if the password is valid, you would run the entered password through the one-way hash function and compare that value with the stored value. The unicode req really throws a wrench into things, I'm not sure if crypt will handle that. There are other one-way hash modules on cpan such as MD5 and SHA that may also be helpful.

-derby

Replies are listed 'Best First'.
Re: Re: Password Encryption
by ichimunki (Priest) on Aug 20, 2002 at 14:25 UTC

    Although I like the approach of using hashes to protect passwords, this system does have a major drawback in that the passwords are not recoverable. In some cases this is unacceptable since it means options like, "email me my password" are not available. Since the poster specified the ability to "decrypt" the password, either they are unclear on what their requirements truly are, or a one-way function is not a solution in this case.

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://191408]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others musing on the Monastery: (6)
As of 2024-04-26 08:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found