Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation

Re: Re: Re: Re: Re: Ecrypting passwords

by iburrell (Chaplain)
on Oct 06, 2003 at 21:47 UTC ( #297096=note: print w/replies, xml ) Need Help??

in reply to Re: Re: Re: Re: Ecrypting passwords
in thread Ecrypting passwords

Just a side note. Hashing the user, realm, and password to create the shared secret does not provide the same protection the hashing in standard password files. The hash is the shared secret so anyone who retrieves the password database can use the secret to authenticate. They don't need the brute force the plaintext password like the password files.

The advantage is that they don't acquire the plaintext password and can't use it to login into any other services that use the same password.

  • Comment on Re: Re: Re: Re: Re: Ecrypting passwords

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://297096]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (4)
As of 2023-10-01 02:47 GMT
Find Nodes?
    Voting Booth?

    No recent polls found