[Gambas-user] Setting up passwords for program users
Leonardo Miliani
leonardo at ...1237...
Wed Jul 9 00:27:38 CEST 2008
richard terry ha scritto:
> I wondered if anyone had experience/code/examples of how to create/save
> encrypted passwords in a database?
>
> Thanks in advance.
>
> Richard
>
> -------------------------------------------------------------------------
> Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
> Studies have shown that voting for your favorite open source project,
> along with a healthy diet, reduces your potential for chronic lameness
> and boredom. Vote Now at http://www.sourceforge.net/community/cca08
> _______________________________________________
> Gambas-user mailing list
> Gambas-user at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/gambas-user
>
The only and secure way to store a password in a file/db is to use an
hash algorithm and stores only the hash of your password.
I used SHA256 and/or MD5 (I prefer the first one, more robust).
So:
1) ask you user to enter a password
2) create the hash of that password with SHA or MD5
3) store the hash
4) when the user logs in again, you compare the hash of the entered
password with the hash of the stored one: if they are identical, the
user has entered the original password
Why use an hash? Because an hash is a cryptographic function that
generates a check sum from which it is (or it should be) impossible to
calculate the datas that have been generated it.
--
Ciao.
Leo.
Web: www.leonardomiliani.com
E-mail: leonardo at ...1237...
Scegli software opensource - Choose opensource software
Co-fondatore di Gambas-it.org
Il sito di riferimento della comunità italiana degli utenti di Gambas
www.gambas-it.org
More information about the User
mailing list