Renaud Drousies wrote:

> That's why the password should be mixed with a challenge string before
> being hashed and sent over the network.

This is also not a good solution. The server still needs to know some computable variant of the cleartext password in order for this to work.

Feel free to hash passwords in your database so that if the database is compromised you don't just give out cleartext passwords. This worked for UNIX's /etc/passwd for a while, but there's a reason they moved to shadow passwords. Given a hash, cracking passwords is easy.

The correct solution to the password issue is to use SSL. For everything. (Compromising the login cookie is just as good as a password, so you'd better transfer those over SSL too.)

Anyway, we could go back and forth on how challenge/response hashes are "good enough", and I guess they are, but it's a lot *easier* to use strong cryptography and guarantee that your passwords aren't going to be compromised in band. Just load mod_ssl into Apache, and you're done!

(Someone could still brute force login attempts, but that's extremely easy to detect. Again, think UNIX /etc/shadow.)

Regards,
Jonathan Rockway

_______________________________________________
List: [email protected]
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
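Added example (not from the list post or the Catalyst project) showing the storage consequence Jonathan describes: in a toy challenge/response scheme the server's stored record is enough to answer any challenge, so a leaked record is a leaked credential, whereas a server that receives the password inside TLS can store only a salted, slow hash that cannot be replayed. All function names and the sample password are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Tuple

# --- Challenge/response over a cleartext channel ------------------------
# The server must store a value from which the expected response can be
# computed, so that value is a password-equivalent (constructed toy scheme).

def cr_enroll(password: str) -> bytes:
    """Server-side record: an unsalted digest the response is derived from."""
    return hashlib.sha256(password.encode()).digest()

def cr_respond(password: str, challenge: bytes) -> bytes:
    """Client: derive the same digest and mix it with the server's challenge."""
    return hmac.new(cr_enroll(password), challenge, hashlib.sha256).digest()

def cr_verify(record: bytes, challenge: bytes, response: bytes) -> bool:
    """Server: recompute the expected response from the stored record alone."""
    expected = hmac.new(record, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)

def cr_record_is_password_equivalent(record: bytes) -> bool:
    """Risk check for reviewers: if the stored record by itself produces a
    response that cr_verify accepts for a fresh challenge, a database leak
    is a credential leak for this scheme. Returns True when that holds."""
    challenge = os.urandom(16)
    from_record_only = hmac.new(record, challenge, hashlib.sha256).digest()
    return cr_verify(record, challenge, from_record_only)

# --- Password sent inside TLS, salted slow hash at rest -----------------

ITERATIONS = 200_000  # PBKDF2 work factor; tune to the server's budget

def tls_enroll(password: str) -> Tuple[bytes, bytes]:
    """Server-side record: random per-user salt plus PBKDF2 of the password."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def tls_verify(record: Tuple[bytes, bytes], password: str) -> bool:
    """Server: needs the cleartext password (protected in transit by TLS);
    the record alone is only useful for slow offline guessing, not login."""
    salt, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)
```

Note that only the TLS variant benefits from the salt and work factor; the challenge/response record cannot be salted or slowed without breaking the client's ability to compute the response.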
