We accept safe and secure Credit Card and PayPal Payments.
Perl Scripts

All Count
Attachment Mailer
Perl Scripts Build A FAQ Plus
Perl Scripts Clock In Center
eBackup Automated
Easy Poll
Fetch a File
Form Maker
Mailing List Server
MySQL Mate
PDF Creation
Quick Fix
Quote of the day
Speed Search
Task Manager
Traffic Pack
Upload Plus
Upload Gold
Upload Pro
Website Manager

Free Perl Downloads

Free Perl Scripts Main Page
Free Perl Scripts 404 Alerter
AccessLog Viewer
Build A FAQ
PHP Scripts eBackup
Free PHP Scripts ErrorLog Viewer
eVars - Server Info
HT Pass Creator
Upload Lite
Website Manager


Free Java Scripts Alert Boxes
Free JavaScripts Browser Sniffer
Check email
Slide Show
Window Maker

Extra Utilities

ASP Scripts Ascii Codes
Free ASP Scripts Color Picker
Font Finder
HT Pass Creator
Meta Cloak
Meta Magic
Pano Zooms
Server Size

Online Tutorials

Free HTML Scripts Glossary
Free HTML Scripts HTML
Build Traffic


About Us
Latest versions

Hawk Eye in Tennis

Should Hawk Eye replace linesmen and lineswomen at all tennis tournaments?

View all Polls

Run Polls on your site

Run your own Surveys

Store Download FAQs Contact Us Support Programming Policies  

Perl crypt() on unix

What is crypt(), and what is DES

The Perl crypt() functions allows you to store data such as passwords or other sensitive information as an encrypted string using ASCII characters. Unix / linux servers use DES (the Digital Encryption Standard) which is a Unix encryption system using 56 bit keys in a complicated 16 round substitution process. The Perl crypt() function is a one way encryption method meaning, once a password has been encrypted, it cannot be decrypted.

How to encrypt passwords on a unix system

To encrypt passwords on a unix server, you can make use of Perl's crypt() function. It takes two arguments, the first is the string or password you want to encrypt, and the second argument is the salt.

$VAR{pass} = "mypass";
$VAR{salt} = "ab";
$VAR{pass} = crypt($VAR{pass}, $VAR{salt});
print $VAR{pass};
What is the salt

The salt is any any two characters which are to be subsequently used as part of the encryption's algorithm. It's stored by Unix as the first two characters of the encrypted string for later comparison. If you're storing your passwords for Apache's Basic Authentication (.htaccess), it's a good idea to remember how you generated your salt, or at least read the first two characters of the encrypted password and re-use them as the salt when comparing User input.

How to compare encrypted passwords

The key is in the salt. If you're using a different salt to compare form input against an already encrypted password, you're in trouble. The form input must be encrypted using the same method used to encrypt the stored password. You then check the new encryption against the stored encryption for a perfect match.

A good encryption method

The following is a safe and sound encryption method suitable for .htaccess and non-htaccess encryption. It uses the first two non-encrypted characters of the password typed in by a User logging in to generate the salt. The stored password also used the same salt.

$VAR{check} = $FORM{pass};
$VAR{salt}  = substr($VAR{check}, 0, 2);
$VAR{check} = crypt($VAR{check}, $VAR{salt});
print $VAR{check};

$VAR{pass} = "myNSG/MN.H5b3";
$VAR{salt} = substr($VAR{pass}, 0, 2);
$VAR{pass} = crypt($VAR{pass}, $VAR{salt});
print $VAR{pass};

if($VAR{check} eq $VAR{pass}{
    # you're in like Flynn
Speed Search our site
Plesk Hosting
Linux servers with Plesk Control Panel, cgi-bin, crontab manager, Mysql, PHP and ASP.

Linux Hosting Plans from $9.12 per month, includes Plesk Control Panel, MySQL databases, cgi-bin, crontab manager and 50 email accounts.

Discounted Scripts
Subscribe to our periodial newsletter to receive special offers.

Bathroom Hygiene
How often do you thoroughly clean your bathroom?

View all Polls

Run Polls just like this one on your website!

About us | Contact us | Script FAQs | Script Support | Website Hosting | Our Policies | Store | Testimonials
Subscribers log in here. Subscribe to our periodical newsletter for special offers on commercial scripts, hosting, exciting business opportunities, and industry news and events. Our Mailing List Software is powered by Consolidator    
HTML Plain text
©1999 - 2015 All content Copyright PerlScriptsJavaScripts.com Proudly hosted by LinuxHostingPlans.com