I wonder would anyone be able to help me get my head around Authen::Passphrase::SaltedDigest. I am having trouble with the concept more than anything else.
I need to store hashed passphrases in a MySQL database to increase the security. I have chosen Authen::Passphrase::SaltedDigest but not too sure if I am implementing it correctly. Specifically, I am confused about the salt. If I generated a hash as follows:
$ppr = Authen::Passphrase::SaltedDigest->new(
algorithm => "SHA-1", salt_random => 20,
passphrase => "passphrase");
I then get a hashed string in $ppr as follows:
$hash = $ppr->hash;
So, I take it I store this value in the database, is that correct?
If so, how to I check the users inputted passphrase for a hash match if the salt was random on generation!?
I thought I might have to run the inputted passphrase AND the same salt value through the algorithm to come up with the same hash??
Sorry for the dumb question but can anyone help?