Now that I'm at my desk, I just ran some timing tests. The JS syntax MD
5 Chuck referenced function takes ~2ms on my machine, and the SHA-256
routine takes ~10mx. (PowerMac G4, 1.25MHz.) So, hashing the password
value isn't very costly in terms of CPU either way.
On May 17, 2006, at 11:29 AM, I wrote:
Just to add to the "store the password hashed" talk, if you're
starting from scratch, I'd go with SHA-1 rather than MD5. If you
really go the full monty, you can go with SHA-256
(<http://anmar.eu.org/projects/jssha2/> BSD license) and salt the
password before you generate the hash, as in:
hashedPassword = sha256(userPassword & "some other string")
On May 17, 2006, at 9:52 AM, Chuck Neal wrote:
There are also some lingo MD5 implementations as well. (No Xtra
needed)
http://www.mediamacros.com/item/item-1006687462/
http://www.mediamacros.com/item/item-1006687189/
And with Javascript, you can pull a JS MD5 like this into Director...
http://pajhome.org.uk/crypt/md5/
-Chuck
--------------------------
Chuck Neal
CEO, MediaMacros, Inc.
[EMAIL PROTECTED]
http://www.mediamacros.com
http://www.mediamacros.net
James Newton wrote:
A standard technique is to create and MD5 hash of the user's
password. MD5
is a public-domain algorithm for generating a unique but apparently
random
string for any given input. This is a one-way process: the original
data is
lost and cannot be retrieved from the hashed version.
Chieh An Lu has written a free cross-platform MD5 xtra, which you
can find
at:
<http://xtras.calu.us/xtrasMD5Ldoc.php>
Cheers,
James
[To remove yourself from this list, or to change to digest mode, go
to http://www.penworks.com/lingo-l.cgi To post messages to the list,
email [email protected] (Problems, email
[EMAIL PROTECTED]). Lingo-L is for learning and helping with
programming Lingo. Thanks!]
[To remove yourself from this list, or to change to digest mode, go to
http://www.penworks.com/lingo-l.cgi To post messages to the list,
email [email protected] (Problems, email
[EMAIL PROTECTED]). Lingo-L is for learning and helping with
programming Lingo. Thanks!]
[To remove yourself from this list, or to change to digest mode, go to
http://www.penworks.com/lingo-l.cgi To post messages to the list, email
[email protected] (Problems, email [EMAIL PROTECTED]). Lingo-L is for
learning and helping with programming Lingo. Thanks!]
