Re: [WebDNA] Best practice re: password storage
This WebDNA talk-list message is from 2013
It keeps the original formatting.
numero = 110774
interpreted = N
texte = Tom,I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me.[url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url]5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uYvs.[encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt]8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd-Dan Stronghttp://www.DanStrong.comOn 10/2/2013 1:34 PM, Stuart Tremain wrote:> Tom>> Anything that encrypt I do like this:>>> [URL][URL][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL]>> Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83>>> If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods.>>>>>> On 03/10/2013, at 6:20 AM, Tom Duke
wrote:>>> Hi all,>>>> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients.>>>> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption.>>>> So if I store passwords using a one way hash with:>>>> [encrypt]salt-value.password-value[/encrypt]>>>> can anyone tell me what algorithm is used?>>>> Also how are other people handing password storage?>>>> Thanks>> - Tom>>>> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Associated Messages, from the most recent to the oldest:
Tom,I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me.[url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url]5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uYvs.[encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt]8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd-Dan Stronghttp://www.DanStrong.comOn 10/2/2013 1:34 PM, Stuart Tremain wrote:> Tom>> Anything that encrypt I do like this:>>> [url][url][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL]>> Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83>>> If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods.>>>>>> On 03/10/2013, at 6:20 AM, Tom Duke wrote:>>> Hi all,>>>> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients.>>>> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption.>>>> So if I store passwords using a one way hash with:>>>> [encrypt]salt-value.password-value[/encrypt]>>>> can anyone tell me what algorithm is used?>>>> Also how are other people handing password storage?>>>> Thanks>> - Tom>>>> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Dan Strong
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Two submit buttons ? (1997)
Major bug report on rootbeer (1997)
(ot) sitemap generator (1998)
Happy Halloween - Check out the pumpkin (2002)
authorize.net SIM & AIM Sample Code (2002)
Been meaning to ask... (1997)
Re:no [search] with NT (1997)
Client-side Image Maps and WebCat? (1998)
[referrer] -truncates at & (1998)
Re1000001: Setting up shop (1997)
Kaaaaahhhhhhhnnnnnnn! (1997)
[WebDNA] Authentication across domains (2009)
FIXED: Startup Script for 5.1g on iTools 8.2 (2006)
WC on Mac OS X or Mac OS X Server 2.x (2001)
Domain name & WebDNA 5.0 (2003)
Cookies and webcat (1997)
Add command creates new cart but I'm passing existing cart...? (2000)
Setting up WebCatalog with Retail Pro data (1996)
php vs WebCatalog (2000)
Re: (1998)