I suggest you read my rather comprehensive answer to your coding problems with this script posted at Re: To register or not (2)!!! which shows you how to do this as well as fixing a number of other issues with your script.
You have to be joking about using ROT13 encryption right? - that cipher was broken when Ceasar was king. If you want to store passwords you don't need a crappy weak pointless cipher like that. Just do this:
my $password = password(5); my $salt = 'Na'; # any two char string will do my $encrypted = crypt( $password, $salt ); print "The encrypted version of $password is $encrypted\n"; print 'Gimmee the password: '; chomp( my $answer = <> ); print check_password($answer) ? "OK" : "Wrong"; sub check_password { my $to_check = shift; # I would normally use return COND ? TRUE : FALSE; # like this # return (crypt( $to_check, $salt ) eq $encrypted) ? 1 : 0; # but here it is in baby perl if ( crypt( $to_check, $salt ) eq $encrypted ) { return 1 } else { return 0 } } sub password{ my $s = shift; srand( $s ^ time ^ $$ ); @c = split //, "bcdfghjklmnpqrstvwxyz"; @v = split //, "aeiou"; my $password = ''; $password .= $c[int(rand(21))] .$v[int(rand(5))] for 1..4; return $password; }
crypt is a one way hashing algorithm so to check a password you encrypt it and see it it matches the encrypted password. You only store the encrypted password. You can't decrypt one way hashes - thus they are generally more secure than ciphers as the only real way to attack them is a brute force dicttionary attack where you encrypt words and see if they match the hashed value.
cheers
tachyon
s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
In reply to Re: ??Mnemonic Passwords??
by tachyon
in thread ??Mnemonic Passwords??
by eoin
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |