No, there doesn't have to be any means of decrypting the passwords. Nor should there be.

A lovely sentiment, but it's a bit rose-colored. The statement only applies in a perfect world, and many of us are stuck keeping an imperfect world running effectively and doing what we can to make it better within the confines of limited resources (including time, as well as arbitrary process rules).

If you are handed a system where thousands of access routines managed by hundreds of non-IT folks are being used, the task of converting their access to more modernized and secure authentication techniques may not be permissible.

Under those circumstances, obfuscation may be your only hope (Obi-wan).

While I generally agree that the only thing worse than bad security is fake security, there are times when that's the only tool left in the toolbox.

In the end, our job is to help. Sometimes poorly, sometimes over-constrainedly -- but help, as best we can, is the mission.

I can already hear sundialsvc4's skin crinkling as he cringes at all the things that will go wrong in the future when such a decision is made -- and he's right.

I suppose if you really felt strongly about it you could stake your job on it say 'no' to your boss.

To that I can only say: Choose your battles wisely.

A lovely sentiment, but it's a bit rose-colored. The statement only applies in a perfect world,

That's garbage! Passwords do not need to be decrypted. Ever!

You encrypt the password with a one-way hash and only store the hash.

To verify: you accept the password from the user; encrypt it using the same one-way hash and compare the result against the stored, encrypted value. If they match; he's authorised.

The password is never stored in any form that can be decrypted; and can only be discovered by encrypting every possibility and comparing them with the stored, encrypted result.

That has been the simple, correct way to do things since forever.

If you are handed a system where thousands of access routines managed by hundreds of non-IT folks are being used, the task of converting their access to more modernized and secure authentication techniques may not be permissible. Under those circumstances, obfuscation may be your only hope (Obi-wan).While I generally agree that the only thing worse than bad security is fake security, there are times when that's the only tool left in the toolbox.

More utter twaddle. No wonder the web leaks like a sieve when the obvious is ignored by so many "experts".

I can already hear sundialsvc4's skin crinkling as he cringes at all the things that will go wrong in the future when such a decision is made -- and he's right.

sundialsvc4 is a joke of a programmer; and you'll do yourself no good by hitching your skirts to his wagon train.

---

With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'

Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.

"Science is about questioning the status quo. Questioning authority". I'm with torvalds on this

In the absence of evidence, opinion is indistinguishable from prejudice. Agile (and TDD) debunked

BrowserUk, I have a great respect for your abilities in algorithmic and systemic thinking -- and thus, from an engineering perspective, I find myself siding with you very nearly always.

So I am left to conclude that either I am not describing the problem sufficiently, or you are missing something. I'd be interested to see which.

So -- how would you address this situation:

You work for a company which has a heavily distributed base of employees. Culturally, policy and responsibility is pushed down to the lowest level; there is very little truly controlled from a central location.

The culture also honors this approach, taking the cost of destandardization as a good trade for increased productivity from empowering the individual and permitting local management to . . . well, manage. So you will be limited in making cultural, procedural, and administrative changes.

However, you have locally-controlled, but corporately-accessible databases scattered all over the company, and one of the things that is needed is for people to query these various databases a lot -- custom work, looking for things happening in other parts of the company in an effort to exploit prior art and use already-invented wheels rather than inventing new ones.

It's been this way for decades, and, of necessity, they've gotten good at it.

Someone at some point built a system which kept track of all the access credentials, so these folks can code up a Perl script which goes and snags a bunch of data, correlates it the way they want, and so on. This, too, has been in use for more than a decade. Everyone knows the process, and uses it effectively.

It is seen as too costly to revamp the way work is done. Management likes what happens when localized empowerment couples with centralized access -- so you're stuck with people calling this centralized routine to get the database, instance, port, username, password, etc., and feed it into whatever routines they've written to query the various databases from their Perl scripts.

But someone has caught on to the idea that keeping the passwords in clear text is a bad idea. Since that's controlled managed centrally, it's an area where you can make some changes.

What approach would you take to try to lessen the impact of cleartext passwords in a Perl module? Remember that these folks still have to be able to access the same databases, which are not centrally controlled.

What would you do to try to help with the cleartext-in-module issue?

Update: Department of Redundancy Department
Update: Verbiage adjust