Archive of UserLand's first discussion group, started October 5, 1998.

Re: Secure password storage

Author:Eric Soroos
Posted:9/9/2000; 5:30:14 PM
Topic:Biggest barrier to building a community in Manila
Msg #:21087 (In response to 21081)
Prev/Next:21086 / 21088

Encrypt all the passwords in your database using a one-way encryption function.

When the user types in a password, encrypt it and compare it against the database.

Note that if you do that, you give up the ability to do challenge response style authentication. (i.e. apop or the http authentication extensions). You are then essentially back at password equivalents.

eric (the other one)


There are responses to this message:


This page was archived on 6/13/2001; 4:56:36 PM.

© Copyright 1998-2001 UserLand Software, Inc.