No, there doesn't have to be any means of decrypting the passwords. Nor should there be.

A lovely sentiment, but it's a bit rose-colored. The statement only applies in a perfect world, and many of us are stuck keeping an imperfect world running effectively and doing what we can to make it better within the confines of limited resources (including time, as well as arbitrary process rules).

If you are handed a system where thousands of access routines managed by hundreds of non-IT folks are being used, the task of converting their access to more modernized and secure authentication techniques may not be permissible.

Under those circumstances, obfuscation may be your only hope (Obi-wan).

While I generally agree that the only thing worse than bad security is fake security, there are times when that's the only tool left in the toolbox.

In the end, our job is to help. Sometimes poorly, sometimes over-constrainedly -- but help, as best we can, is the mission.

I can already hear sundialsvc4's skin crinkling as he cringes at all the things that will go wrong in the future when such a decision is made -- and he's right.

I suppose if you really felt strongly about it you could stake your job on it say 'no' to your boss.

To that I can only say: Choose your battles wisely.

In reply to Re^3: encrypt passwords by marinersk
in thread encrypt passwords by fionbarr

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.