Re: [WebDNA] ENCRYPTION problems
This WebDNA talk-list message is from 2012
It keeps the original formatting.
numero = 109279
interpreted = N
texte = Thanks for pointers everyone.I have decided to use ENCRYPT without the seed.On 07/07/2012, at 1:12 AM, Donovan Brooke wrote:> Stuart,>=20> You can store seed encrypted passwords and then decrypt them for auth =purposes (as per Govinda's note), but I think a more safe and standard =method is to store salted hash values that can't ever be decrypted.[1] =Sometimes systems need to be able to retrieve passwords, so this is not =the best in those cases, and you could use WebDNA's encryption instead. =When I use a seed, I like to encrypt the seed as well, in a text file, =then include it and decrypt the seed to auth against. I'm pretty =paranoid in general. ;-)>=20> 1. http://en.wikipedia.org/wiki/Salt_%28cryptography%29>=20>=20> christophe.billiottet@webdna.us wrote:>> Included in WebDNA 7+ is a strong blowfish algorithm (probably the =most secure encrypting system available with WebDNA)>> It was also existing in WebDNA 6 but undocumented because there were =some problems with it. Problems fixed with WebDNA 7+.>>=20>> - chris>=20> Blowfish will also be included with upcoming release of WebDNA 6.2.1> Note:, the two WebDNA encryption options (LOKI - WebDNA's default, and =Blowfish) will not work together obviously. Both encryption mechanisms =are strong kung fu. I haven't personally tested the blowfish fix as of =yet.>=20> Donovan>=20>=20>=20>=20>=20> --=20> Donovan Brooke> WebDNA Software Corporation> http://www.webdna.us> **[Square Bracket Utopia]**> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list
.> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Associated Messages, from the most recent to the oldest:
Thanks for pointers everyone.I have decided to use ENCRYPT without the seed.On 07/07/2012, at 1:12 AM, Donovan Brooke wrote:> Stuart,>=20> You can store seed encrypted passwords and then decrypt them for auth =purposes (as per Govinda's note), but I think a more safe and standard =method is to store salted hash values that can't ever be decrypted.[1] =Sometimes systems need to be able to retrieve passwords, so this is not =the best in those cases, and you could use WebDNA's encryption instead. =When I use a seed, I like to encrypt the seed as well, in a text file, =then include it and decrypt the seed to auth against. I'm pretty =paranoid in general. ;-)>=20> 1. http://en.wikipedia.org/wiki/Salt_%28cryptography%29>=20>=20> christophe.billiottet@webdna.us wrote:>> Included in WebDNA 7+ is a strong blowfish algorithm (probably the =most secure encrypting system available with WebDNA)>> It was also existing in WebDNA 6 but undocumented because there were =some problems with it. Problems fixed with WebDNA 7+.>>=20>> - chris>=20> Blowfish will also be included with upcoming release of WebDNA 6.2.1> Note:, the two WebDNA encryption options (LOKI - WebDNA's default, and =Blowfish) will not work together obviously. Both encryption mechanisms =are strong kung fu. I haven't personally tested the blowfish fix as of =yet.>=20> Donovan>=20>=20>=20>=20>=20> --=20> Donovan Brooke> WebDNA Software Corporation> http://www.webdna.us> **[Square Bracket Utopia]**> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Stuart Tremain
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
[/application] error? (1997)
Re:Searching for ALL / empty form field (1997)
Repeating Fields (1997)
WebCatalog/Mac 2.1b2 - PIXO (1997)
Nesting format tags (1997)
Emailer (1997)
question: webmerchant connection (1997)
Fun with dates (1997)
Odd [math] behaviour (2003)
RE: [WebDNA] OT - JS help (2008)
MATH (1998)
Can WebDNA do this? (2000)
autosensing lanague selection (1997)
database size? (1997)
[AppendFile] problem (WebCat2b13 Mac .acgi) (1997)
Upgrade to 3.07 problems (2000)
text size limitation (1997)
Macs and SQL (2000)
Re:[input] context (1999)
Issue with plug-in Webcat, webstar 4.x, SSL and IE when using the backbuttom (2000)