Keep It Simple, Stupid | |
PerlMonks |
Re: Re: Encrypting Largish Filesby willdooUK (Beadle) |
on Sep 24, 2001 at 14:35 UTC ( [id://114275]=note: print w/replies, xml ) | Need Help?? |
"Passord" isn't an english word ;) My co-worker told me about a program he wrote in his hacking days which tried a brute force assault on a server over http, giving a name and password from a list of first names. Apparently a lot of people use their first name for both their username and password - so all you need is a list of popular first names.... How about hard-coded passwords - can anyone comment on the security of having an admin password written into a cgi script? I put an admin section into a site, which is based around a single cgi script. The password for using the admin controls is held as a scalar in the cgi code, and I'm hoping thats pretty safe (because the server will always execute that script and not list it to the browser). Am I fooling myself? willdooUK -------------- "Home is a castle you built in my mind; I'm home anywhere, anytime." Donny Hathaway
In Section
Seekers of Perl Wisdom
|
|