Encrypt/ Decrypt using CGI::EncryptForm

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hello Monks,

I am looking for a module to Encrypt a password, submit to a CGI and then Decrypt for validation. I did a search in CPAN and found CGI::EncryptForm module which (it seems) can do the task.

But, a search in the archives for encrypt or decrypt doesn't mention about this module. So, I am wondering if it is a good idea to use this in my scripts.

Would appreciate your inputs. Thanks.

Comment on Encrypt/ Decrypt using CGI::EncryptForm

Replies are listed 'Best First'.
Re: Encrypt/ Decrypt using CGI::EncryptForm by derby (Abbot) on Jun 23, 2006 at 19:09 UTC
This module isn't really about secure submission of forms but secure subsequent passing around of form data. If your concerned about secure submission, you really need to set up an https server. If you're really concerned about subsequent secure data, you should look into using server side sessions. -derby	[reply]
Re: Encrypt/ Decrypt using CGI::EncryptForm by jdtoronto (Prior) on Jun 23, 2006 at 19:48 UTC
Yeah, I say what derby says. Try this page: http://pajhome.org.uk/crypt/md5/ which talks about using the MD5 hash for hash-challenge authentication. jdtoronto	[reply]
Re^2: Encrypt/ Decrypt using CGI::EncryptForm by Anonymous Monk on Jun 23, 2006 at 20:30 UTC
Thanks for the response. Actually, the application is behind a firewall. So, I will look at server side sessions as advised by you for subsequently passing secure data. Should I be checking out CGI::Session module?	[reply]