Smalltalk Pharo Pharo Smalltalk Developers

How to encrypt a password?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
23 messages Options
12
Paul DeBruicker
Reply | Threaded
Open this post in threaded view
|

Re: How to encrypt a password?

Paul DeBruicker
Davide Varvello wrote
Paul,

I've already tried to load PasswordHashingFFI-PaulDeBruicker.16.mcz, but a warning shows:

This package depends on the following classes:
  ExternalStructure
You must resolve these dependencies before you will be able to load these definitions:
  BCryptLinuxFFI
  bcrypt:
  bcrypt:with:
 
Have you loaded FFI into your image prior to loading the PasswordHashinFFI package?  I've only used/tested these things on Pharo 1.1 - 2 and Squeak 4.3 & 4.4.  What platform are you using?
sebastianconcept@gmail.co
Reply | Threaded
Open this post in threaded view
|

Re: How to encrypt a password?

sebastianconcept@gmail.co
In reply to this post by Davide Varvello
+1 you should definitively NOT encrypt

Cupid Media hacked, 42 million passwords was stolen:

You're Probably Storing Passwords Incorrectly:
http://www.codinghorror.com/blog/2007/09/youre-probably-storing-passwords-incorrectly.html

And now you mentioned it, Monticello actually sucks on this one








On Nov 21, 2013, at 7:06 PM, Davide Varvello <[hidden email]> wrote:

Hi Mariano,

Hash functions are one way
(http://en.wikipedia.org/wiki/Cryptographic_hash_function) that's because
usually you don't want someone can decrypt password.

Cheers
Davide


Mariano Martinez Peck wrote
Hi Paul, and just to be sure I understand...none of them could work as a
two-way encryption, right?
The only one is your Pharo's version of Blowfish but that only works with
8
chars long. Is it like this? Or is there any other two-way encryption?

Thanks!





--
View this message in context: http://forum.world.st/How-to-encrypt-a-password-tp3933585p4724097.html
Sent from the Pharo Smalltalk Developers mailing list archive at Nabble.com.
Davide Varvello
Reply | Threaded
Open this post in threaded view
|

Re: How to encrypt a password?

Davide Varvello
In reply to this post by Paul DeBruicker
Paul DeBruicker wrote
Have you loaded FFI into your image prior to loading the PasswordHashingFFI package?  I've only used/tested these things on Pharo 1.1 - 2 and Squeak 4.3 & 4.4.  What platform are you using?
Oops, I didn't load FFI.
Now, after evaluating…:

Gofer new
  squeaksource: 'MetacelloRepository';
  package: 'ConfigurationOfFFI';
  load.
(Smalltalk at: #ConfigurationOfFFI) project lastVersion load


…PasswordHashingFFI is loading.
Thanks
Davide
12
Free forum by Nabble Edit this page