comment on

It's unclear exactly what you are doing, so I can only give a general answer.

Firstly, don't store plain-text passwords. When a password is set (or changed) pass it through a hashing algorithm (or similar) and store the result. Subsequently, when a user presents a password for authentication, pass that through the same algorithm and compare the result with what's already stored: if they're the same, grant access; if different, deny access.

Both perlfaq8 and perlfaq9 have information about passwords.

You should probably also look into the various algorithms available, whether you are going to ensure users use strong passwords, how often the passwords need to be changed, how many failed access attempts are allowed before account suspension, and so on. It's a big topic and your question, as I said, can only attract a general answer.

— Ken

In reply to Re: Need to encrypt the password in config.properties file. by kcott
in thread Need to encrypt the password in config.properties file. by chandantul

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


Perl: the Markov chain saw
	PerlMonks