in reply to Question about encryption key length

Blowfish has a variable key length between 32 and 448 bits (56 bytes); that is, you are using Blowfish with its greatest key length value: http://www.schneier.com/blowfish.html

But, as cryptographers say, key length "size does not matter" :-P (see Bruce Schneier's article: http://www.schneier.com/crypto-gram-9910.html#KeyLengthandSecurity)

Regards

turo

perl -Te 'print map { chr((ord)-((10,20,2,7)[$i++])) } split //,"turo"'

Re^2: Question about encryption key length
by bradcathey (Prior) on Dec 14, 2005 at 20:54 UTC

    Thanks all. Particularly interesting article by Schneier. Anyway, sounds like I'm probably okay. Currently I use Crypt::RandPasswd to generate a different key for each password and then store the key in one database (not table, but db) and the encrypted password in another database. I store a general-use key in a .conf file in my home directory chmodded to 600.

    Sound okay?


    —Brad
    "The important work of moving the world forward does not wait to be done by perfect men." George Eliot

      I'm not sure I understand ...
      You have an indexed file for encrypted passwords (ciphered with the keys generated with Crypt::RandPasswd), and another indexed file for storing the keys (encrypted, I suppose, with the general-use key saved at ~/a.conf) ... are my assumptions okay?
      And this scheme is for what? ... for user authentication? (Is it not better to store a simple HashFunction(user_password,generic_passwd) result?) ...

      It sounds very bizarre ... I think



      turo

      perl -Te 'print map { chr((ord)-((10,20,2,7)[$i++])) } split //,"turo"'

        Well, it very well might be bizarre. I'm trying to build in the entropy that Schneier talks about. But I'm open. Can you show me an example of the HashFunction you are talking about? Thanks.


        —Brad
        "The important work of moving the world forward does not wait to be done by perfect men." George Eliot