mjd-perl-pm on Fri, 15 Dec 2000 12:29:13 -0500 (EST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: Passowrds, encryption, PGP, etc


> Problem 1: I need to store their dial-in passwords.
> Please don't flame me for it - it wasn't my decision.
> These passwords are stored on Unix box in Informix DB so
> it's not that easy to get to them. Anyway, I don't like
> the idea of storing unencrypted passwords. That's why I
> need an encryption/decryption algorithm, 

When you encrypt the passwords, you don't want to be able to decrypt
them, because then someone might.  Instead, you use what's called a
'one-way hash' algorithm, which scrambles the password but is
impossible to reverse.

Then when the user enters their password, you scramble it the same way
and see if the two scrambled versions match.

Normally I would recommend the MD5 or SHA algorithms; there are Perl
modules for both.  However:

> not too complicated because my boss may want to access the passwords
> from ms access/vb.

I can't help you with this part.

**Majordomo list services provided by PANIX <URL:http://www.panix.com>**
**To Unsubscribe, send "unsubscribe phl" to majordomo@lists.pm.org**