Re: [WebDNA] Best practice re: password storage
This WebDNA talk-list message is from 2013
It keeps the original formatting.
numero = 110774
interpreted = N
texte = Tom,I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me.[url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url]5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uYvs.[encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt]8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd-Dan Stronghttp://www.DanStrong.comOn 10/2/2013 1:34 PM, Stuart Tremain wrote:> Tom>> Anything that encrypt I do like this:>>> [URL][URL][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL]>> Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83>>> If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods.>>>>>> On 03/10/2013, at 6:20 AM, Tom Duke
wrote:>>> Hi all,>>>> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients.>>>> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption.>>>> So if I store passwords using a one way hash with:>>>> [encrypt]salt-value.password-value[/encrypt]>>>> can anyone tell me what algorithm is used?>>>> Also how are other people handing password storage?>>>> Thanks>> - Tom>>>> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Associated Messages, from the most recent to the oldest:
Tom,I don't know what method WebDNA standard encryption uses, but whenever I encrypt I use blowfish because I find the output "prettier" and easier to deal with since I don't have to fiddle with all the [url]ing, but that's just me.[url][url][encrypt seed=secret]salt-value.password-value[/encrypt][/url][/url]5%258D%25EE%2540%2596%25C6%25A5%2515%25D4h%25E6%255C%25DDO%2528%257C%25ABT%25B7%25C8%251B%252Aj%25F4%25AF%25B8/0%25B0%25D9uYvs.[encrypt seed=secret&method=blowfish]salt-value.password-value[/encrypt]8c13ab1401786f015b64821c6920756a082d91a7090cdf170ffd995ebf5de1fd-Dan Stronghttp://www.DanStrong.comOn 10/2/2013 1:34 PM, Stuart Tremain wrote:> Tom>> Anything that encrypt I do like this:>>> [url][url][ENCRYPT seed=secret]password-value[/ENCRYPT][/URL][/URL]>> Very straight forward in the docs: http://www.webdna.us/page.dna?numero=83>>> If you are wanting to have these encrypted passwords portable to other systems then you will have to look at other methods.>>>>>> On 03/10/2013, at 6:20 AM, Tom Duke wrote:>>> Hi all,>>>> I've been reading up recently on password hashing with salts etc, and I'm hoping to implement a process that I can then document and outline to clients.>>>> My problem is I can't determine from the docs what encryption method is used when implementing 'standard' WebDNA encryption.>>>> So if I store passwords using a one way hash with:>>>> [encrypt]salt-value.password-value[/encrypt]>>>> can anyone tell me what algorithm is used?>>>> Also how are other people handing password storage?>>>> Thanks>> - Tom>>>> >> --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Dan Strong
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat2 - Getting to the browser's username/password data (1997)
Rumpus/Typhoon modules included in Typhoon ... (1997)
rename a file (1997)
Multi vendor shop (2000)
Backwards list behavior ... (1997)
More on the email templates (1997)
[OT]: BBEdit grep (2003)
Credit card processing - UK (1997)
Creating results.... (2003)
Multiple prices (1997)
[WebDNA] encoding with webdna/JS, in context of various file encodings/charsets (2010)
Emailer port change (1997)
[AppendFile] problem (WebCat2b13 Mac .acgi) (1997)
(2000)
Re[2]: Base64 encryption limitations? (1999)
Large database on Mac OS X Server (2000)
Testing (2003)
A little syntax help (1997)
[WebDNA] Installing 6.0 onto Server 2008 (2011)
WebCat2 as a chat server? (1997)