Re: [WebDNA] Best practice re: password storage

This WebDNA talk-list message is from

2013


It keeps the original formatting.
numero = 110774
interpreted = N
texte = Tom, I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me. [url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url] 5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uY vs. [encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt] 8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd -Dan Strong http://www.DanStrong.com On 10/2/2013 1:34 PM, Stuart Tremain wrote: > Tom > > Anything that encrypt I do like this: > > > [URL][URL][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL] > > Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83 > > > If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods. > > > > > > On 03/10/2013, at 6:20 AM, Tom Duke wrote: > >> Hi all, >> >> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients. >> >> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption. >> >> So if I store passwords using a one way hash with: >> >> [encrypt]salt-value.password-value[/encrypt] >> >> can anyone tell me what algorithm is used? >> >> Also how are other people handing password storage? >> >> Thanks >> - Tom >> >> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  2. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  3. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  4. Re: [WebDNA] Best practice re: password storage (WebDNA 2013)
  5. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  6. Re: [WebDNA] Best practice re: password storage (WebDNA 2013)
  7. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  8. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  9. Re: [WebDNA] Best practice re: password storage (WebDNA 2013)
  10. Re: [WebDNA] Best practice re: password storage (Bill DeVaul 2013)
  11. Re: [WebDNA] Best practice re: password storage (Donovan Brooke 2013)
  12. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  13. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  14. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  15. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  16. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  17. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  18. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  19. Re: [WebDNA] Best practice re: password storage (Tom Duke 2013)
  20. Re: [WebDNA] Best practice re: password storage (Dan Strong 2013)
  21. Re: [WebDNA] Best practice re: password storage (Stuart Tremain 2013)
  22. [WebDNA] Best practice re: password storage (Tom Duke 2013)
Tom, I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me. [url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url] 5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uY vs. [encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt] 8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd -Dan Strong http://www.DanStrong.com On 10/2/2013 1:34 PM, Stuart Tremain wrote: > Tom > > Anything that encrypt I do like this: > > > [url][url][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL] > > Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83 > > > If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods. > > > > > > On 03/10/2013, at 6:20 AM, Tom Duke wrote: > >> Hi all, >> >> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients. >> >> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption. >> >> So if I store passwords using a one way hash with: >> >> [encrypt]salt-value.password-value[/encrypt] >> >> can anyone tell me what algorithm is used? >> >> Also how are other people handing password storage? >> >> Thanks >> - Tom >> >> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us Dan Strong

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Thanks Grant (1997) More questions about serial number dishing (1997) passing user info on each page (2000) killing white space (1998) Relevancy Rating (1998) how to get s repeatedly in and out of a form? (1999) WC2b15 File Corruption (1997) WordBreak Qestion (part 2) (1998) ampersand hell (2003) Change in Host? (1999) Zip Code Database (2004) carriage returns in data (1997) Shared Webstar Directory (1998) Emailer (1997) Hiding HTML and page breaks (1997) Apoligy (1997) Multiple Ad databases? (1997) WebCatalog 4.0.2b5 install problems (2000) Typhoon Rev. and PCS store problems (1999) Still having problems with Authen (1997)