comment on

As long as other people also have write-access to the file, there is no way you can keep the login information safe. Both, your password-checking Perl code and the file it reads are open to the users for manipulation, so there is no safety.

If the other people only have read-access, you can gain some limited "security" by using the crypt() subroutine and storing only the crypted passwords instead of the plaintext passwords. A user is then accepted if his crypted password equals the crypt you have stored in your file.

Another stupid idea would be to encrypt the whole file, stupid because a black hat would only need to look shortly at your Perl code to see what the decryption parameters are. If the stored file is not safe, neither is your Perl program.

In reply to Re: Encrypting a user name and password by Corion
in thread Encrypting a user name and password by Kiko

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.