Are there people who work with cryptographic tools and have access to a fair amount of computer horsepower who are also likely to be motivated to attack the web site of your homeowners association?
Well, there's that evil homeowners association just down the road... They're so competitive... ;)
Seriously, I know exactly what you're saying; in my case any kind of encryption at all is probably more than enough. After all, there's no money or secrets involved.
I was fat, dumb and happy using MD5 crypt until during testing, I noticed that only the first 8 characters of passwords seemed to matter. I found info on the web that MD5, (or at least the implementation I'm using, Digest::MD5), crypt only uses the first 8 characters. <update> I considered using MD5 instead of crypt. </update> Further searching revealed that MD5 and SHA1 have been broken, and if you're coding something new, you might as well go with SHA256. Since I havent't released my script yet, and since I want the whole password to count, I figured I should go with SHA256. And you're right, another reason is for me to learn.
My main concern here is if these modules implement SHA256 properly.
Thanks syphilis for pointing out my mistake
TheEnigma
In reply to Re^2: Would Like Recommendation for an SHA256 module
by TheEnigma
in thread Would Like Recommendation for an SHA256 module
by TheEnigma
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |