[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Please HELP : Reg CVS password Decrypting mechanism

From: Larry Jones
Subject: Re: Please HELP : Reg CVS password Decrypting mechanism
Date: Fri, 12 Sep 2008 11:25:28 -0400 (EDT)

Arvind Kanaka Raju writes:
> Doubts : When we create a new user, we use the crypt function with
> salt,random,pepper etc to create a encrypted password but the output
> string(encrypted password) is Given out as a different string everytime
> we run the crpyting script.

That's because you're using random salt -- if you use the same salt, you
get the same output string.  The output string starts with the salt that
was used to create it, so to check an existing password, use the
existing (encrypted) password as the salt to encrypt what the user
enters and then compare the output with the existing password.
Larry Jones

I won't eat any cereal that doesn't turn the milk purple. -- Calvin

reply via email to

[Prev in Thread] Current Thread [Next in Thread]