Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: Passwords, hashes, and salt

by Zaxo (Archbishop)
on Jun 24, 2005 at 18:33 UTC ( #469786=note: print w/replies, xml ) Need Help??


in reply to Passwords, hashes, and salt

Crypt::PasswdMD5 is, in practice, easy to use. The salt is prefixed to the the returned password hash, so you don't need to use a constant one. Just extract that substring from the stored hash and use it as salt for the offered password, then compare strings. When you first store a password hash, any random salt will do. The randommer, the better.

The purpose of salt is to make wordlist dictionarys impractically large.

After Compline,
Zaxo

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://469786]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (7)
As of 2019-05-22 09:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you enjoy 3D movies?



    Results (138 votes). Check out past polls.

    Notices?
    • (Sep 10, 2018 at 22:53 UTC) Welcome new users!