Great thread, and a great comment. ++ to parent.

I would like to make one quibble. The intention of one way hashes is to have there be no known way to get the plain text back from the hash, but in the real world, evil people can be very clever, especially when there is a monetary reason to be so clever, or if someone claims "there is no way...".

IANAH (I am not a hacker) but I know that many one-way hashing cracking programs are available. They can be surprisingly successful on realworld hashes (passwords). Consequently, please remember the following limitations to one way hashes.

* Input strings should be 8 or more characters and should include numbers, symbols and capitol letters. (if not, it can more than likely be cracked).
* Using words and names as part of your passwd weakens them considerably. Using only a word is like having no passwd.
* Using "3" for e or "@" for a in your passwd won't help at all -- crackers know these tricks.

Cheers

-------------------------------------
Nothing is too wonderful to be true
-- Michael Faraday

In reply to Re: Re: CGI and saving passwords by freddo411
in thread CGI and saving passwords by JoeJaz

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.