in reply to Passwords, hashes, and salt

You'll maybe have to explain a little bit better why you think... 
    use Crypt::PasswdMD5;

    $cryptedpassword = unix_md5_crypt($password, $salt);

[download]
...is a lot of extra trouble, especially since rolling your own would seem to be a lot of busy work for very little gain.

Replies are listed 'Best First'.
Re^2: Passwords, hashes, and salt
by waswas-fng (Curate) on Jun 24, 2005 at 18:40 UTC
    Because there have been multiple documented attacks against MD5. You don't need the password if you can run out and come up with a new plaintext that ends up with the same digest.


    -Waswas
[reply]
Re^2: Passwords, hashes, and salt
by Mr_Person (Hermit) on Jun 24, 2005 at 19:07 UTC
    Oh, I didn't mean that using the module would be too much trouble. In fact, it looked like the easiest thing to do. I was refering to how the module worked internally, it looks like there's some extra stuff that it does just so it can be compatible with Unix and Apache MD5-based crypt. That, and like I mentioned, it is just MD5.
[reply]

In Section Seekers of Perl Wisdom