Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re: Re: Storing encryted passwords in MySQL

by spacewarp (Pilgrim)
on Jun 06, 2003 at 20:18 UTC ( [id://263843]=note: print w/replies, xml ) Need Help??


in reply to Re: Storing encryted passwords in MySQL
in thread Storing encryted passwords in MySQL

This was the first data I came across, but it doesn't mesh with what I'm seeing on my system. My login password is 10 characters (for my convenience), and the encrypted output seems to be 34 characters, as are several others, thus leading to my question here.

Spacewarp

DISCLAIMER:<BR> Use of this advanced computing technology does not imply an endorsemen +t<BR> of Western industrial civilization.<BR>

Replies are listed 'Best First'.
Re: Re: Re: Storing encryted passwords in MySQL
by pzbagel (Chaplain) on Jun 06, 2003 at 20:46 UTC

    What OS are you running? Newer distributions of Linux typically use MD5 password hashes rather than crypt.

      /etc/shadow (crypt shadow files at least) store 13 chars because the salt that is ues is stored as well as the encrypted password. May I suggest using MD5 digests for the passwords you are storing -- they have two advantages, first they allow long passwords, second crypt has some parts to it that make it easy to brute force (if not completely break it depending on its implementation).

      For an example on the /etc/shadow files you may think of it this way: Get actual cripted password salt from shadow: $salt = substr($password_string_from_shadow, 0, 2); $newpass = $salt . crypt($string_i_think_is_password,$salt); $newpass is now a string you can push back to password file...


      -Waswas
      Aha.. that could be it. I'm running Redhat 6.2.

      Thanks so much for your help.

      Spacewarp

      DISCLAIMER:<BR> Use of this advanced computing technology does not imply an endorsemen +t<BR> of Western industrial civilization.<BR>

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://263843]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (4)
As of 2024-03-28 17:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found