On Thu, Dec 4, 2008 at 10:38 PM, Mark Rajcok <[EMAIL PROTECTED]> wrote:
> For those people who still think MD5 offers some type of security, I >> suggest you direct readers to: >> http://en.wikipedia.org/wiki/Rainbow_table > > > Thanks, I didn't realize I was just hashing, not really encrypting. I'll > switch. What would you recommend instead? Crypt::PasswdMD5? and randomly > generate a salt each time I write the encrypted password to the database? > I wrote too soon... switching may be difficult. I'm using CAP-Authentication, and it looks like my only options are crypt, MD5, SHA1. Is crypt any better? Maybe I should just change the tutorial and remove any talk of security? -- Mark ##### CGI::Application community mailing list ################ ## ## ## To unsubscribe, or change your message delivery options, ## ## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ## ## ## ## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ## ## Wiki: http://cgiapp.erlbaum.net/ ## ## ## ################################################################