Nikola Janceski wrote:


> Uh... exactly what are you going to be using it for?
> You might want to check out the function call crypt() in the perlfunc
> pages.
>
> > -----Original Message-----
> > From: Gregory Matthews [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, March 28, 2002 2:30 PM
> > To: [EMAIL PROTECTED]
> > Subject: Creating a Unique Key
> >
> >
> > What is the best way to create a unique, almost impossible to guess,
> > KEY, i.e., ftu880oli88UI8flpq, which can in turn be used as part of a
> > security string, i.e., username: ftu880oli88UI8flpq ?

Check out:


http://www.cs.cornell.edu/People/egs/syslunch-spring02/syslunchsp02/webauth_tr.pdf

It details how the authors weakened or broke the authentication mechanisms
of a number of prominent e-commerce sites, and gives background information
on doing authentication well. One of the things it talks about is the
weakness of the authentication scheme at the Wall Street Journal's web page
caused by a misunderstanding of how crypt works.

They do propose a stronger authentication scheme.

Tagore Smith
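
Added example, not part of the original messages or the cited paper: one way to produce the kind of hard-to-guess key asked about and bind it to a username, using an HMAC-SHA256 tag over the whole token rather than crypt(). It assumes a Unix-like /dev/urandom; the function names, token layout and sample usernames are hypothetical.

```perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Read $n bytes from the kernel CSPRNG (assumes a Unix-like /dev/urandom).
sub random_bytes {
    my ($n) = @_;
    open(my $fh, '<:raw', '/dev/urandom') or die "open /dev/urandom: $!";
    my $got = read($fh, my $buf, $n);
    close($fh);
    die "short read from /dev/urandom" unless defined $got && $got == $n;
    return $buf;
}

# 128-bit unguessable key as 32 hex characters (rand() is not suitable here).
sub new_key { return unpack('H*', random_bytes(16)) }

# Compare two strings without stopping at the first differing byte.
sub ct_eq {
    my ($x, $y) = @_;
    return 0 unless length($x) == length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Token is "user:expiry:key:mac"; the HMAC covers all of "user:expiry:key".
sub issue_token {
    my ($secret, $user, $ttl) = @_;
    die "username must not contain ':'" if $user =~ /:/;
    my $body = join(':', $user, time() + $ttl, new_key());
    return $body . ':' . hmac_sha256_hex($body, $secret);
}

# Return the username for an authentic, unexpired token, otherwise undef.
sub verify_token {
    my ($secret, $token) = @_;
    my @f = split(/:/, $token, -1);
    return undef unless @f == 4 && $f[1] =~ /\A\d+\z/;
    return undef unless ct_eq($f[3], hmac_sha256_hex(join(':', @f[0 .. 2]), $secret));
    return undef if $f[1] < time();
    return $f[0];
}

my $secret = random_bytes(32);                        # MAC secret, constructed for this demo
my $token  = issue_token($secret, 'gregory', 3600);   # 'gregory' is a sample username
(my $forged = $token) =~ s/^gregory/nikola/;          # same key and MAC, different user
print "valid for: ", verify_token($secret, $token) // 'nobody', "\n";
print "forged accepted: ", (defined verify_token($secret, $forged) ? 'yes' : 'no'), "\n";
```

The MAC secret stays on the server and is never sent to the client. Traditional DES-based crypt() reads only the first eight characters of its input, which is why the tag here is an HMAC over the full string.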



