in reply to Re: CGI and saving passwords in thread CGI and saving passwords
I like your md5 function. Hashing against the username, time, and a random number... seems like it would yield some pretty unique results :-) Thanks for pointing out some other methods of storing the token. I thought I only had a flat file or DB as an option. That Storable module looks fairly interesting... compiled in C; very fast! I also like your idea of rotating the token for each page call. Seems like a good method to keep crackers on their toes. I have got to try some of this stuff out. Thanks for your help. Joe
|