in reply to Re^2: How to hide a password in a script?
in thread How to hide a password in a script?

"and deals with a proprietary software client which doesn't support externally encrypted authentication methods"

davido wasn't suggesting that the client did any encryption. All encrpytion is down by the script, nothing external. For example:

$encrypted_passwd = 'ABS5SGh1EL6bk';  # crypt('secret', 'AB');

$submitted_clear_text_passwd = ...from user input, client socket or whatever...;

$submitted_encrypted_passwd = crypt($clear_text_passwd, substr($encrypted_passwd, 0, 2));
if ($submitted_encrypted_passwd ne $encrypted_passwd)
{
  # wrong password
  ...
  exit;
}
...

(Except use MD5 instead of crypt().)

  • Comment on Re^3: How to hide a password in a script?

In Section Seekers of Perl Wisdom