Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
ig,
If the passwords were encrypted, as they should be, then the current password reminder function would not be possible.

I know this thread is about something far more serious then nitpicking wording, but I still feel it necessary to point out the problem with your statement. Too many people that visit this site don't understand cryptography to know how to properly interpret what you have said.

You have implied that if something is encrypted, that it can't be decrypted ("not be possible"). I think you meant s/encrypted/hashed/ which is a cryptographic hash and is intended not to be reversible. So how could the data be stored in the database encrypted and still allow the passwords to be emailed decrypted in plain text? One way would be to use symmetric encryption such as AES. It uses the same key to encrypt and decrypt which means the key would need to be stored in a safe place. Since the box was rooted, it is unlikely a determined individual would not have been able to eventually find and decrypt the passwords. Asymmetric encryption wouldn't be practical as a means of storing passwords as I understand the PerlMonk's design.

In a nutshell, I agree that the passwords should be hashed which is what I believe you meant by encrypted.

Cheers - L~R


In reply to Re^4: It's Time for Everyone to Change Passwords! by Limbic~Region
in thread It's Time for Everyone to Change Passwords! by toma

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this? | Other CB clients
    Other Users?
    Others rifling through the Monastery: (11)
    As of 2019-10-14 13:43 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?
      Notices?