On Tue, Apr 21, 2009 at 7:54 AM, [email protected] [email protected]
so when the user comes next time he is shown the password which is
encrypted and the login fails
Apologies if this seems a bit harsh, but you’re not the first person
to ask this list a question like this (and prolly not the last).
Security- especially cryptography is HARD. You clearly have no idea
what you’re doing when it comes to security/crypto. Even if you
properly understood crypto fundamentals, you’d still probably use the
algorithms incorrectly which would open up huge holes- it happens all
the time. Even the so-called “experts” can and do get it wrong
The solution is simple: stop trying to roll your own solution. Use
SSL with something like restful_authentication and be done with it.
http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix &
Those who would give up essential Liberty, to purchase a little
Safety, deserve neither Liberty nor Safety.
– Benjamin Franklin