Re: sub always returns 1

Replies are listed 'Best First'.
Re^2: sub always returns 1 by MidLifeXis (Monsignor) on Mar 04, 2010 at 14:42 UTC
<snark>You're not supposed to store passwords encrypted either.</snark> Store a hash of the password and compare those. There is not a benefit to storing the password in any decryptable form, unless you need it to access something else (in which case, there are many times some other option). The user is, in effect, trusting the application and its storage and everything that the application depends on with whatever credentials it is providing. Under the principle of least needed privilege, you only store sufficient information to meet your needs - in most cases just to verify the user. Of course, this is now way off topic from the original post. It is said that "only perl can parse Perl." I don't even come close until my 3rd cup of coffee. --MidLifeXis	[reply]

Replies are listed 'Best First'.

Re^2: sub always returns 1
by MidLifeXis (Monsignor) on Mar 04, 2010 at 14:42 UTC

<snark>You're not supposed to store passwords encrypted either.</snark>

Store a hash of the password and compare those.

There is not a benefit to storing the password in any decryptable form, unless you need it to access something else (in which case, there are many times some other option). The user is, in effect, trusting the application and its storage and everything that the application depends on with whatever credentials it is providing.

Under the principle of least needed privilege, you only store sufficient information to meet your needs - in most cases just to verify the user.

Of course, this is now way off topic from the original post.

It is said that "only perl can parse Perl." I don't even come close until my 3rd cup of coffee. --MidLifeXis

[reply]