It's not a specific Perl question. I am building a Perl GUI/wxPerl application that connects to a DB. I want my application to be password protected, i.e. first the user should enter the user and password and then use the application.
What is the best secure method to store the password? Could someone provide an idea of the best method for how I should store the user and the password, and how I should retrieve them for authentication? If possible, could someone provide some Perl code showing how to do this?
You definitely don't want to save the passwords in plain text; you should probably take a look at using sha256. You can use the Perl mod Digest::SHA (see CPAN for docs).
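use Digest::SHA qw(sha256);

# Hash the password the user typed (sha256 returns the raw 32-byte digest)
my $digest = sha256($input_password);
# Look up the digest that was saved for this user
my $saved_digest_password = get_saved_password_for_user($input_user);
if (defined $saved_digest_password && $digest eq $saved_digest_password) {
    # they have the correct password
}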
That is just pseudo code, but it should help get you started. It's up to you to define "get_saved_password_for_user" however you want to, whether that is stored in a database somewhere or on the file system or somewhere else. Just make sure you don't ever store or log the $input_password anywhere. The only thing you should need to store is the $digest password.
Hope that helps!
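A fuller version of the store-a-digest approach from the answer above, as an added example that is not the answerer's code. It goes beyond a single SHA-256 digest by adding a per-user random salt, an iterated PBKDF2-HMAC-SHA256 derivation, and a constant-time comparison. The function names, the iteration count, the `iterations$salt$hash` record format and the use of /dev/urandom are assumptions.

```perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256);

my $ITERATIONS = 200_000;  # assumed work factor; raise it as far as login latency allows

# Per-user random salt. Assumes a Unix-like OS that provides /dev/urandom.
sub random_salt {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    my $got = read $fh, my $salt, 16;
    die "short read from /dev/urandom" unless defined $got && $got == 16;
    return $salt;
}

# PBKDF2-HMAC-SHA256, first 32-byte block; slow by design to hinder guessing.
sub pbkdf2_sha256 {
    my ($password, $salt, $iterations) = @_;
    utf8::encode($password);                         # hash bytes, not characters
    my $u   = hmac_sha256($salt . pack('N', 1), $password);  # key is the last argument
    my $out = $u;
    for (2 .. $iterations) {
        $u   = hmac_sha256($u, $password);
        $out = $out ^ $u;                            # string XOR of the two digests
    }
    return $out;
}

# Value to store for a new account: iterations$salt_hex$hash_hex
sub make_record {
    my ($password) = @_;
    my $salt = random_salt();
    return join '$', $ITERATIONS, unpack('H*', $salt),
        unpack('H*', pbkdf2_sha256($password, $salt, $ITERATIONS));
}

# Check a login attempt against the stored record, comparing in constant time.
sub verify_password {
    my ($password, $record) = @_;
    my ($iter, $salt_hex, $hash_hex) = split /\$/, $record // '';
    return 0 unless defined $hash_hex && $iter =~ /^[1-9]\d*$/;
    my $calc = unpack 'H*', pbkdf2_sha256($password, pack('H*', $salt_hex), $iter);
    return 0 if length($calc) != length($hash_hex);
    my $diff = 0;
    $diff |= ord(substr $calc, $_, 1) ^ ord(substr $hash_hex, $_, 1) for 0 .. length($calc) - 1;
    return $diff == 0 ? 1 : 0;
}

my $record = make_record('correct horse');           # constructed demo password
print "good login: ", (verify_password('correct horse', $record) ? 'ok' : 'denied'), "\n";
print "bad login:  ", (verify_password('wrong guess', $record) ? 'ok' : 'denied'), "\n";
```

Only the record string is stored per user; the salt makes identical passwords produce different records, and the iteration count is kept in the record so it can be raised later without invalidating old accounts.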