Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

comment on
( [id://3333]=superdoc: print w/replies, xml ) Need Help??

Decrypting may be impossible, but you don't have to decrypt it -- you just have to find something that creates the same string when encrypted using the same routines through brute force.

Computer security is a bit of a misnomer -- it's never secure in an absolute sense, it just has an acceptable risk, normally by using mechanisms that will attempt to reduce a person's chance of managing to gain access without permission before the information loses its value down to an acceptable level.

But now, we get to the real question -- why is the password in the file? All of these suggestions to store the password using a one way encryption are great, if the script is authenticating a user giving the password. If the script is a client, and needs the password to connect to another service, those suggestions aren't useful.

The original poster might be interested in the thread Quest: a bulletproof-secure, automated scraper, which had a few suggestions on better protecting a password, but they all just slow down someone trying to get the password, and they're not likely to have a whole lot of help on a system where you don't trust people with root access, who could just change the code to write the unencypted/unobfuscated password before it makes use of it.

In reply to Re^3: Protecting passwords in source by jhourcle
in thread Protecting passwords in source by celliott

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
    • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Domain Nodelet?

    www.com | www.net | www.org
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this?Last hourOther CB clients
    Other Users?
    Others learning in the Monastery: (5)
    As of 2025-06-13 17:30 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      No recent polls found
      Notices?
      erzuuliAnonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.