Perl: the Markov chain saw | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
G'day chandantul, It's unclear exactly what you are doing, so I can only give a general answer. Firstly, don't store plain-text passwords. When a password is set (or changed) pass it through a hashing algorithm (or similar) and store the result. Subsequently, when a user presents a password for authentication, pass that through the same algorithm and compare the result with what's already stored: if they're the same, grant access; if different, deny access. Both perlfaq8 and perlfaq9 have information about passwords. You should probably also look into the various algorithms available, whether you are going to ensure users use strong passwords, how often the passwords need to be changed, how many failed access attempts are allowed before account suspension, and so on. It's a big topic and your question, as I said, can only attract a general answer. — Ken In reply to Re: Need to encrypt the password in config.properties file.
by kcott
|
|