Re: [WebDNA] ENCRYPTION problems

This WebDNA talk-list message is from

2012

It keeps the original formatting. numero = 109279
interpreted = N
texte = Thanks for pointers everyone.I have decided to use ENCRYPT without the seed.On 07/07/2012, at 1:12 AM, Donovan Brooke wrote:> Stuart,>=20> You can store seed encrypted passwords and then decrypt them for auth =purposes (as per Govinda's note), but I think a more safe and standard =method is to store salted hash values that can't ever be decrypted.[1] =Sometimes systems need to be able to retrieve passwords, so this is not =the best in those cases, and you could use WebDNA's encryption instead. =When I use a seed, I like to encrypt the seed as well, in a text file, =then include it and decrypt the seed to auth against. I'm pretty =paranoid in general. ;-)>=20> 1. http://en.wikipedia.org/wiki/Salt_%28cryptography%29>=20>=20> christophe.billiottet@webdna.us wrote:>> Included in WebDNA 7+ is a strong blowfish algorithm (probably the =most secure encrypting system available with WebDNA)>> It was also existing in WebDNA 6 but undocumented because there were =some problems with it. Problems fixed with WebDNA 7+.>>=20>> - chris>=20> Blowfish will also be included with upcoming release of WebDNA 6.2.1> Note:, the two WebDNA encryption options (LOKI - WebDNA's default, and =Blowfish) will not work together obviously. Both encryption mechanisms =are strong kung fu. I haven't personally tested the blowfish fix as of =yet.>=20> Donovan>=20>=20>=20>=20>=20> --=20> Donovan Brooke> WebDNA Software Corporation> http://www.webdna.us> **[Square Bracket Utopia]**> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us Associated Messages, from the most recent to the oldest:

Re: [WebDNA] ENCRYPTION problems (Stuart Tremain 2012)
Re: [WebDNA] ENCRYPTION problems (Donovan Brooke 2012)
Re: [WebDNA] ENCRYPTION problems (christophe.billiottet@webdna.us 2012)
Re: [WebDNA] ENCRYPTION problems (Govinda 2012)
[WebDNA] ENCRYPTION problems (Stuart Tremain 2012)

Thanks for pointers everyone.I have decided to use ENCRYPT without the seed.On 07/07/2012, at 1:12 AM, Donovan Brooke wrote:> Stuart,>=20> You can store seed encrypted passwords and then decrypt them for auth =purposes (as per Govinda's note), but I think a more safe and standard =method is to store salted hash values that can't ever be decrypted.[1] =Sometimes systems need to be able to retrieve passwords, so this is not =the best in those cases, and you could use WebDNA's encryption instead. =When I use a seed, I like to encrypt the seed as well, in a text file, =then include it and decrypt the seed to auth against. I'm pretty =paranoid in general. ;-)>=20> 1. http://en.wikipedia.org/wiki/Salt_%28cryptography%29>=20>=20> christophe.billiottet@webdna.us wrote:>> Included in WebDNA 7+ is a strong blowfish algorithm (probably the =most secure encrypting system available with WebDNA)>> It was also existing in WebDNA 6 but undocumented because there were =some problems with it. Problems fixed with WebDNA 7+.>>=20>> - chris>=20> Blowfish will also be included with upcoming release of WebDNA 6.2.1> Note:, the two WebDNA encryption options (LOKI - WebDNA's default, and =Blowfish) will not work together obviously. Both encryption mechanisms =are strong kung fu. I haven't personally tested the blowfish fix as of =yet.>=20> Donovan>=20>=20>=20>=20>=20> --=20> Donovan Brooke> WebDNA Software Corporation> http://www.webdna.us> **[Square Bracket Utopia]**> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us Stuart Tremain

DOWNLOAD WEBDNA NOW!

Re: [WebDNA] ENCRYPTION problems

2012

Top Articles:

Related Readings: