Thanks Peter. But then how will I know programmatically if the password is 
correct or not? 

Bob S

> On Mar 6, 2017, at 02:53 , Peter TB Brett via use-livecode 
> <> wrote:
> On 03/03/2017 18:00, Bob Sneidar via use-livecode wrote:
>> It looks like the encrypt command is already using this method if
>> the "with salt" arguement is provided? At least the encrypted result
>> starts with "salted" and at least part of the salt value.
> Hi Bob,
> The "encrypt" command provides symmetric cryptographic functions, i.e.
> you can decrypt the result again to get the cleartext back.  This is _not_ a 
> desirable property for a password storage system; you should always use 
> one-way (asymmetric) functions, such as a cryptographic hash.
>                                      Peter
> -- 
> Dr Peter Brett <>

use-livecode mailing list
Please visit this url to subscribe, unsubscribe and manage your subscription 

Reply via email to