comment on

There are many problems with what you are doing, but the worst is working with plain text passwords. Never, ever, for any reason store plain text passwords, especially paired with user names!

A fairly light weight technique that is much more secure and needs very little extra work is to store a cryptographic hash of the password combined with a seed (often the user name can be used as the seed). To check a supplied password use the same hash process that was used to generate the hash originally then compare the two hash codes.

use strict;
use warnings;
use Digest::MD5;

print Digest::MD5::md5_hex("username" . "SamplePassword");
[download]

Prints:

c0075ad4e26ec3dee225ccb6387b0b77
[download]

Optimising for fewest key strokes only makes sense transmitting to Pluto or beyond

In reply to Re: with CGI, How to have multiple usernames and passwords from a txt file (password.txt) file by GrandFather
in thread with CGI, How to have multiple usernames and passwords from a txt file (password.txt) file by theravadamonk

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


laziness, impatience, and hubris
	PerlMonks