Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Encoding Password

by Jemts (Monk)
on May 11, 2001 at 00:42 UTC ( [id://79556]=perlquestion: print w/replies, xml ) Need Help??

Jemts has asked for the wisdom of the Perl Monks concerning the following question:

I was thinking of ways to take a password and when you save it encode it. Are there any widley use advance way to do this safely?

Jemts

"If you're traveling in a time machine, and you're eating corn on the cob, I don't think it's going to affect things one way or the other. But here's the point I'm trying to make: Corn on the cob is good, isn't it."

Replies are listed 'Best First'.
Re: Encoding Password
by knobunc (Pilgrim) on May 11, 2001 at 00:51 UTC

    It depends what you want to do.

    Do you want to:

    1. Be able to get the exact text back later? e.g. to pass to a different program to authenticate the user.
    2. Be able to simply check that the password given matches the one previously given

    The two cases are different since in the first you have to have a reversible way of getting it out which is pretty much going to be unsafe no matter what. If you can do the second case you can use the crypt function to munge the password, store the munged version and then later munge the new password given and compare the two munged versions. That way you never need to store the cleartext version.

    If that doesn't help, tell us what you are really trying to do and we will help.

    -ben

[reply]
Re: Encoding Password
by Sherlock (Deacon) on May 11, 2001 at 00:52 UTC
    You can probably turn up a lot of information on this topic if you use Super Search. You can take a look here to get a nice tutorial of how to use encryption. That link came from this node and there are lots of others around here such as How do I decode encrypted password files? and A very simple userid/password check. Hopefully, some of these will have what you're looking for.

    If you still can't find what you're looking for or are having trouble with a specific portion of the encryption, post what you're having trouble with and maybe I can be of more help. Hopefully, this will at least get you started.

    Good luck,
    - Sherlock

    Skepticism is the source of knowledge as much as knowledge is the source of skepticism.
[reply]
Re: Encoding Password
by thpfft (Chaplain) on May 11, 2001 at 01:33 UTC

    You might want to try Apache::Htpasswd. It gives more or less transparent access to apache authentication. Two possible drawbacks, though: it's very hard to force a logout without ending the browser session if you log in via apache, and this falls into knobunc's second category, ie you can still check against the encrypted version but never get the plaintext version of the password back again.

[reply]
Re: Encoding Password
by ZZamboni (Curate) on May 11, 2001 at 01:49 UTC
[reply]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlquestion [id://79556]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others sharing their wisdom with the Monastery: (7)
As of 2024-04-24 06:29 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found