Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change

Re: Embeded passwords

by flexvault (Monsignor)
on Aug 29, 2012 at 17:58 UTC ( #990521=note: print w/replies, xml ) Need Help??

in reply to Embeded passwords


I did something like this for a web-site that uses 'http' and not 'https'. The site required the user to login before seeing his information. The purpose was to prevent malicious updating of user information by hackers, and the site did not hold any sensitive information. The solution was to develop a mathematical Perl algorithm on the server side, and a javascript generated mathematical response from the PC.

The 'cgi-bin' Perl script would send a 'login' screen with dynamically generated tokens that when the person typed the password, javascript would change the tokens to a new set that was sent to the server. Perl on the server would process the new tokens and use the server side 'password' and if they matched correctly, then the user was logged in. The tokens never repeated, and were generated so that they had to be used within 1 minute. If this is what you need, I'll find the code and post it.

For our purposes this was safe enough!


"Well done is better than well said." - Benjamin Franklin

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://990521]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (5)
As of 2018-06-22 00:20 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (120 votes). Check out past polls.