in reply to encryption in perl

Please make sure you examine why you're encrypting passwords. If you're storing passwords your app must use to log-in to another service, OK. If these are passwords that people or applications will use to authenticate to you, you should be using a salted one-way hash (see this article for a nice overview).

Basically, you want to use some thing like Math::Random::Secure to generate a secure "salt", add that salt to the password, then hash the whole thing with Crypt::Eksblowfish::Bcrypt or the sha512 methods from Digest::SHA. Don't forget to store the salt, too, or you'll have trouble on check.

When you check the user's password input, you retrieve the salt and the hash, hash the salt with the provided password, and compare the hash you just generated to the one you stored. If they match, the user provided the right password.

Ramblings and references
“A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.” Herm Albright
I haven't found a problem yet that can't be solved by a well-placed trebuchet

Replies are listed 'Best First'.
Re^2: encryption in perl
by rashlin (Novice) on Jun 10, 2012 at 14:23 UTC
    thanks for your responses, i need to be able to decrypt it, the password is needed to connect to an external application.