Re: [WebDNA] ENCRYPTION problems
This WebDNA talk-list message is from 2012
It keeps the original formatting.
numero = 109272
interpreted = N
texte = Included in WebDNA 7+ is a strong blowfish algorithm (probably the most =secure encrypting system available with WebDNA)It was also existing in WebDNA 6 but undocumented because there were =some problems with it. Problems fixed with WebDNA 7+.- chrisOn Jul 6, 2012, at 10:53, Govinda wrote:>=20>> I have a task to create a login system for a client where the client =stores the password and username on their SQL db.>>=20>> I have to send them the username and pre-encrypted password to store.>>=20>> When I need to have a customer login I need to match the username and =password, the problem is that using ENCRYPT with a seed will never =produce the same result.>>=20>> How safe is [ENCRYPT] without a seed ?>>=20>> Or any suggestions for another encryption method ?>=20>=20> I think modern systems do not store unencrypted passwords. If the =database ever gets hacked-stolen.. then the passwords are exposed... =which is not the case if we do not store the unencrypted passwords. =20>=20> The last login system I built in Webdna, I checked the input password =something like this:>=20> [showif] [url]form-input password[/url] =3D [url]db's =[decrypt...]*encrypted* password[/decrypt][/url]]=20>=20> ... inside a [founditems].. inside the [search] that finds a user =record based on form-input username.>=20> -G---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list
.> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Associated Messages, from the most recent to the oldest:
Included in WebDNA 7+ is a strong blowfish algorithm (probably the most =secure encrypting system available with WebDNA)It was also existing in WebDNA 6 but undocumented because there were =some problems with it. Problems fixed with WebDNA 7+.- chrisOn Jul 6, 2012, at 10:53, Govinda wrote:>=20>> I have a task to create a login system for a client where the client =stores the password and username on their SQL db.>>=20>> I have to send them the username and pre-encrypted password to store.>>=20>> When I need to have a customer login I need to match the username and =password, the problem is that using ENCRYPT with a seed will never =produce the same result.>>=20>> How safe is [encrypt] without a seed ?>>=20>> Or any suggestions for another encryption method ?>=20>=20> I think modern systems do not store unencrypted passwords. If the =database ever gets hacked-stolen.. then the passwords are exposed... =which is not the case if we do not store the unencrypted passwords. =20>=20> The last login system I built in Webdna, I checked the input password =something like this:>=20> [showif] [url]form-input password[/url] =3D [url]db's =[decrypt...]*encrypted* password[/decrypt][/url]]=20>=20> ... inside a [founditems].. inside the [search] that finds a user =record based on form-input username.>=20> -G---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
christophe.billiottet@webdna.us
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat2final1 crashes (1997)
SET (1998)
2.1b2 was SLOW ... but 2.1b3 is FAST! (1997)
Summary layout (1997)
caching -check- (2001)
Upgrade to wsV (2004)
dates as search criteria (2000)
WebDNA 6 Error (2004)
Next X hits (1996)
SiteEdit NewFile.html ? (1997)
Saving Text Areas with Orders (1997)
Entry pages (was: WebCatalog MAJOR drawback) (1998)
using showpage and showcart commands (1996)
FORMS: Returning a specific page (1997)
Out of the woodwork (2007)
enhanced ErrorMessages.db (2002)
Plugin causes type 2 error on WebStar startup (2000)
[WebDNA] WebMerchant again (2015)
Unexpected error (1997)
Purchased cart being overwritten - still !?? (1997)