crypt accesses the standard Unix crypt() function, which takes a string and a salt (a random two-byte string) and using a one-way hash function encrypts the password. The salt gets assigned randomly when the password is created, and its purpose is that even if you use the same password on two different places, the encrypted passwords will be different. There are some packages in CPAN that provide similar interfaces using MD5 and other algorithms. Do a search for "crypt".

Sample use for crypt would be as follows. The first function receives the plain-text password and returns the encrypted password string. The second one takes an encrypted password string (as generated by the first function) and a plain-text password, and tell you whether the password is correct. Notice how the salt is stored in the first two bytes of the encrypted password. Also note that crypt only uses the first 8 characters of the password.

sub encrypt_passwd {
  my $pw=shift;
  # Seed random number generator. From Camel book p. 223.
  # This should be outside this function, in the program
  # initialization, otherwise calls to this function very
  # close in time will result in the same salt.
  srand ( time() ^ ($$ + ($$ << 15)) );
  my @c=('a'..'z', 'A'..'Z', '0'..'9','.','/');
  my $s=$c[rand(@c)].$c[rand(@c)];
  return crypt($pw, $s);
}

sub verify_passwd {
  my ($epw, $pw)=@_;
  my $s=substr($epw,0,2);
  return $epw eq crypt($pw,$s);
}
[download]