Just to elaborate a bit. Unix has used DES for the crypt() function since at least the 1980s sometime. The DES crypt only depends on the first 8 characters. More recent systems use a MD5 hash for passwords. MD5 as an algorithm will allow arbitrary length passwords. That doesn't mean login code (in say a SSH program) won't have a limit (like 128 or 256 characters).

If you move your site to use a database later you should know that the MySQL PASSWORD() function is sometimes used by website's for keeping site member's passwords hidden. When site's used this function for storing passwords the logins broke during the 4.0 to 4.1 upgrade. MySQL AB has documented that the PASSWORD function may change so you should use MD5() or SHA1() for your member login passwords.

Use the Digest modules to get access to MD5 and SHA-1 in Perl. Using them is as easy as:
  use Digest::MD5 qw(md5_hex);
  $hashed = md5_hex($passwd);

[download]
Then store the username and $hashed wherever you like.

Also there has been some talk lately of probablistic attacks on MD5 password hashes which means given a MD5 hash it is not incredibly hard to find a password which will hash to the given hash. You may want to consider using SHA-1 instead. See http://passcracking.com/ and http://en.wikipedia.org/wiki/MD5#Security for more info.

In reply to Re^3: username/password validation by superfrink
in thread username/password validation by titanic_fanataic

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.