[cgiapp] [announce] OO MVC jumpstart/starter application
Mark Rajcok
mrajcok at gmail.com
Thu Dec 4 23:07:51 EST 2008
On Thu, Dec 4, 2008 at 10:38 PM, Mark Rajcok <mrajcok at gmail.com> wrote:
> For those people who still think MD5 offers some type of security, I
>> suggest you direct readers to:
>> http://en.wikipedia.org/wiki/Rainbow_table
>
>
> Thanks, I didn't realize I was just hashing, not really encrypting. I'll
> switch. What would you recommend instead? Crypt::PasswdMD5? and randomly
> generate a salt each time I write the encrypted password to the database?
>
I wrote too soon... switching may be difficult. I'm using
CAP-Authentication, and it looks like my only options are crypt, MD5, SHA1.
Is crypt any better?
Maybe I should just change the tutorial and remove any talk of security?
-- Mark
More information about the cgiapp
mailing list