A couple minor points: (1) please use indentation in your code; (2) isn't it customary to request a user to enter their new password twice, to confirm it, rather than entering the old password twice? (Maybe requesting the old one twice is not a bad idea, but you really should ask for the new one to be typed twice, so the user is assured that the fingers did not slip.)

update: Removed a lot of incorrect and misguided stuff, after seeing Zaxo's remarks and checking man pages myself. Note that you should read both the section-3 man page Zaxo cited and "perldoc -f crypt", which even gives some examples of proper usage.