Encrypt when you first get (and have verified) the password and store it. When the user enters the password, encrypt it, retrieve the encrypted copy from the store and compare the encrypted versions. Never decrypt.

If you want to have a 'send me my password' link, generate a new password, encrypt it and overwrite their old (encrypted) one in the store and send them the newly generated one.

You never store the unencrypted passwords, so even if the store is compromised, it doesn't open you up, because they only have the encrypted versions and you ask for the unencrypted one.

By never needing to decrypt, you can use a one-way encryption, so no one can ever find the decryption code. Of course the encryption code is probably around somewhere, but if the encryption is any good, they still have to brute-force encrypt every word in the dictionary until they get a match for a password, before they can exploit it, and that ought to take a long time unless they get lucky.

Another precaution is to have a bunch of encrypted passwords in the file derived from passwords that you wouldn't allow when you're validating new passwords--things like 'password', 'secret', 'root' & 'admin'.

When people are logging in, don't validate, just encrypt it and see if it matches, then check the unencrypted against your 'no no' list. If you ever get a successful login using a word on your no no list, you know you've been Tango'd compromised. It would probably never happen, but for the effort involved, it's a simple sanity check.


Examine what is said, not who speaks.
"Efficiency is intelligent laziness." -David Dunham
"When I'm working on a problem, I never think about beauty. I think only how to solve the problem. But when I have finished, if the solution is not beautiful, I know it is wrong." -Richard Buckminster Fuller
If I understand your problem, I can solve it! Of course, the same can be said for you.


In reply to Re: Encryption 101 by BrowserUk
in thread Encryption 101 by sulfericacid
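The scheme above, as an added example that is not part of the original post or any PerlMonks code: passwords go through a one-way function (PBKDF2-HMAC-SHA256 with a per-user salt, the salt being an addition to what the post describes), login hashes and compares without ever decrypting, the 'send me my password' path generates a fresh password, and decoy entries hashed from 'no no' words flag a compromised store if anyone ever logs in with one. The class, method and list names are assumptions for illustration.

```python
import hashlib
import hmac
import os
import secrets

# Constructed "no no" list: words never accepted as a password when validating.
NO_NO_LIST = frozenset(["password", "secret", "root", "admin"])

def one_way(password, salt):
    # The post's "one-way encryption": PBKDF2-HMAC-SHA256 with a per-user salt (salt is an addition).
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)

class PasswordStore:
    """Holds only salted hashes; the cleartext is never stored and never recovered."""

    def __init__(self):
        self._users = {}  # username -> (salt, hash)

    def set_password(self, username, password):
        # Validate once, when the password is first set; reject the no-no words here.
        if password.lower() in NO_NO_LIST:
            raise ValueError("password is on the no-no list")
        salt = os.urandom(16)
        self._users[username] = (salt, one_way(password, salt))

    def add_canary(self, username, banned_word):
        # Decoy entry hashed from a banned word; nobody should ever log in with it.
        salt = os.urandom(16)
        self._users[username] = (salt, one_way(banned_word, salt))

    def login(self, username, password):
        """Return 'ok', 'bad' or 'compromised'; no decryption, just hash and compare."""
        rec = self._users.get(username)
        if rec is None:
            return "bad"
        salt, stored = rec
        if not hmac.compare_digest(one_way(password, salt), stored):
            return "bad"
        # A successful login with a no-no word means the stored hashes leaked and were cracked.
        if password.lower() in NO_NO_LIST:
            return "compromised"
        return "ok"

    def reset_password(self, username):
        """'Send me my password': make a new one, overwrite the stored hash, return it to send."""
        new_password = secrets.token_urlsafe(12)
        self.set_password(username, new_password)
        return new_password
```

A 'compromised' result is the sanity check the post describes: the only way to present a canary's password is to have cracked the stored hashes.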
