b310 has asked for the wisdom of the Perl Monks concerning the following question:

Hello Monks,

I was reading DuBois' book and he talks about encryption modules, Crypt::Blowfish, Crypt::DES, and Crypt::IDEA, and how he uses them so data entered via a form are secure.

Well, I'm trying to create a login screen with username and password. I want to make sure that when the user who types this information, the information comes across securely.

Well, I tried testing DuBois' script and found that the script won't work because the modules listed above are not installed on my hosting providers' server. I tried to install that modules myself into my own directory and I do not have the ability to do so. The hosting provider tells me that they won't install the modules.

Well, I come to you for some advice. How can I create a secure login screen without having the modules the DuBois' mentions?

Thank you for all your assistance.

Replies are listed 'Best First'.
•Re: Form Security/Encryption - not sure?
by merlyn (Sage) on Mar 15, 2003 at 18:24 UTC
    The way to encrypt from browser to server is SSL (https). This has nothing to do with Perl. Ask your ISP if SSL connections are available. If not, you'll need to go to a different ISP. There's not really an option there.

    If you're talking about encryption after you get the data into your CGI application, then the modules you mention make sense. If they aren't available, again, you've got the wrong ISP. {grin}

    -- Randal L. Schwartz, Perl hacker
    Be sure to read my standard disclaimer if this is a reply.

[reply]
      Hi Merlyn,

      Thank you for your input. I'll ask my ISP about SSL connections.
[reply]

Back to Seekers of Perl Wisdom