go ahead... be a heretic | |
PerlMonks |
Re: password checking?by mvaline (Friar) |
on Aug 13, 2005 at 15:42 UTC ( [id://483563]=note: print w/replies, xml ) | Need Help?? |
This can be as simple or complex or insecure or secure as you want; just remember that simple does not always equal insecure and complex does not always equal secure. Storing passwords in plaintext in a database is probably not a good idea. You will probably want to encrypt the passwords at least. You didn't specify if this is a standalone perl script or a web script... you security concerns are likely to be different depending on this. One of the easiest options is always to plug into an existing authentication service from the shadow password file to .htaccess files if you're using apache. I do most of my work in a Microsoft-centric corporate environment, so I usually try to plug into ActiveDirectory. If it's a web script, see Password Authentication Module You will probably be able to glean some techniques from these:
In Section
Seekers of Perl Wisdom
|
|