Re: Protecting passwords in source


Perl Monk, Perl Meditation
	PerlMonks

Re: Protecting passwords in source

by thor (Priest)

on Jul 20, 2005 at 03:37 UTC ( [id://476349]=note: print w/replies, xml )

Need Help??

in reply to Protecting passwords in source

It depends if you need the password in plaintext to pass to something else. If not, you could do a one time shot with the following:

perl -le 'print crypt("your password here", "FO")'
[download]

Then in your actual script

my $password = getpassword();
if ( crypt($password, "FO") ne "crypted password from one-liner") {
   #your code here
}
[download]

However, this provides a false sense of security. There's nothing that prevents someone from copying your script and changing the conditional to if(1) {. One other caveat: don't bother picking a password that's longer than 8 characters; crypt truncates at 8 characters for historical reasons.

thor

Feel the white light, the light within Be your own disciple, fan the sparks of will For all of us waiting, your kingdom will come

Comment on Re: Protecting passwords in source Select or Download Code

Replies are listed 'Best First'.
Re^2: Protecting passwords in source by Llew_Llaw_Gyffes (Scribe) on Jul 20, 2005 at 03:53 UTC
However, this limitation can be readily circumvented by using md5crypt() instead (or, in Perl, Digest::MD5).	[reply]

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://476349]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others exploiting the Monastery: (5)

As of 2025-06-24 14:13 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

No recent polls found

Notices^?

	• erzuuli	‥ Anonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.