(ichimunki) Re x 2: crypt

With the understanding that no non-core modules can be used we probably cannot get by with anything but crypt(), so the suggestion to add a random salt is a good one (although don't forget to store it in the database!).

If going with a non-core module, I'd rather see that the password itself isn't even put in the cookie, maybe the MD5 or SHA1 hash, but even then to what end? We may as well use a semi-random or other mostly unique key in our cookie and prevent an attacker from having any clue how the passwords are stored in the database. That way we limit cracks to sniffing and to bad password selections on the part of users.

And to prevent cracking, I'd suggest a limit to the number of tries a user gets-- although this brings up a DOS problem, which under the circumstances is likely to be a less invasive "crack" than unauthorized access to the system.

{Just my additional two cents on this}

Comment on (ichimunki) Re x 2: crypt

Replies are listed 'Best First'.
Re^3: crypt by Aristotle (Chancellor) on Nov 08, 2001 at 14:14 UTC
ichimunki++ That is the right idea. Rather than constantly passing the password back and forth, generate a random session ID when the user has successfully logged in. I suggest your session manager also tie a session to the IP it originally was started from, and that sessions be expired pretty quickly after some inactivity (when the user hasn't sent a request for, say, 30 minutes - though your specific application may make longer idle delays necessary).	[reply]

Replies are listed 'Best First'.

Re^3: crypt
by Aristotle (Chancellor) on Nov 08, 2001 at 14:14 UTC

ichimunki

[reply]