Re: [WebDNA] Best practice re: password storage

This WebDNA talk-list message is from

2013


It keeps the original formatting.
numero = 110774
interpreted = N
texte = Tom, I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me. [url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url] 5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uY vs. [encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt] 8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd -Dan Strong http://www.DanStrong.com On 10/2/2013 1:34 PM, Stuart Tremain wrote: > Tom > > Anything that encrypt I do like this: > > > [URL][URL][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL] > > Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83 > > > If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods. > > > > > > On 03/10/2013, at 6:20 AM, Tom Duke wrote: > >> Hi all, >> >> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients. >> >> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption. >> >> So if I store passwords using a one way hash with: >> >> [encrypt]salt-value.password-value[/encrypt] >> >> can anyone tell me what algorithm is used? >> >> Also how are other people handing password storage? >> >> Thanks >> - Tom >> >> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  2. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  3. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  4. Re: [WebDNA] Best practice re: password storage (WebDNA 2013)
  5. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  6. Re: [WebDNA] Best practice re: password storage (WebDNA 2013)
  7. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  8. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  9. Re: [WebDNA] Best practice re: password storage (WebDNA 2013)
  10. Re: [WebDNA] Best practice re: password storage (Bill DeVaul 2013)
  11. Re: [WebDNA] Best practice re: password storage (Donovan Brooke 2013)
  12. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  13. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  14. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  15. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  16. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  17. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  18. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  19. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  20. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  21. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  22. [WebDNA] Best practice re: password storage (Tom Duke 2013)
Tom, I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me. [url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url] 5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uY vs. [encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt] 8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd -Dan Strong http://www.DanStrong.com On 10/2/2013 1:34 PM, Stuart Tremain wrote: > Tom > > Anything that encrypt I do like this: > > > [url][url][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL] > > Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83 > > > If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods. > > > > > > On 03/10/2013, at 6:20 AM, Tom Duke wrote: > >> Hi all, >> >> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients. >> >> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption. >> >> So if I store passwords using a one way hash with: >> >> [encrypt]salt-value.password-value[/encrypt] >> >> can anyone tell me what algorithm is used? >> >> Also how are other people handing password storage? >> >> Thanks >> - Tom >> >> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us Dan Strong

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Two submit buttons ? (1997) Major bug report on rootbeer (1997) (ot) sitemap generator (1998) Happy Halloween - Check out the pumpkin (2002) authorize.net SIM & AIM Sample Code (2002) Been meaning to ask... (1997) Re:no [search] with NT (1997) Client-side Image Maps and WebCat? (1998) [referrer] -truncates at & (1998) Re1000001: Setting up shop (1997) Kaaaaahhhhhhhnnnnnnn! (1997) [WebDNA] Authentication across domains (2009) FIXED: Startup Script for 5.1g on iTools 8.2 (2006) WC on Mac OS X or Mac OS X Server 2.x (2001) Domain name & WebDNA 5.0 (2003) Cookies and webcat (1997) Add command creates new cart but I'm passing existing cart...? (2000) Setting up WebCatalog with Retail Pro data (1996) php vs WebCatalog (2000) Re: (1998)