View previous topic :: View next topic |
Author |
Message |
JoeWest -
Joined: 17 Aug 2003 Posts: 6
|
Posted: Thu Aug 28, 2003 5:39 pm Post subject: User password encryption format in abyss.conf |
|
|
Hi,
The reason for my question is that I would like to write a program that sits on my server and changes the user passwords on a regular basis.
To do this I need to know the encryption format you use!
I do understand if you are not willing to provide this information fo security reasons.
Regards |
|
Back to top |
|
|
aprelium -
Joined: 22 Mar 2002 Posts: 6800
|
Posted: Fri Aug 29, 2003 3:06 pm Post subject: Re: User password encryption format in abyss.conf |
|
|
There are no security issue with the encryption we use since it is a one way encryption algorithm (not reversible).
The encrypted passwords are made using the MD5 hash algorithm and BASE64 encoding. Here is how we compute them:
Encrypted-password = MD5( BASE64(username & ":" & password) )
& is the string concatenation operator. So if a user name is "jack" and its
password is "theripper" the encrypted password is MD5( BASE64("jack:theripper")). _________________ Support Team
Aprelium - http://www.aprelium.com |
|
Back to top |
|
|
ArmyboyMineNu -
Joined: 16 Oct 2003 Posts: 2
|
Posted: Tue Feb 10, 2004 1:24 am Post subject: |
|
|
Does anyone know a script which will add encrypted passwords to the proper place in the config file automatically. I'm a noob at programing in perl and this is WAY past my level of knowledge. I do realize that a restart of the web-server will be required before the additions were affective, but I think I could take care of that issue.
I guess I'm just looking for a snippit I could modify for my own use. Thanks for all your help.
Armyboy |
|
Back to top |
|
|
Anonymoose -
Joined: 09 Sep 2003 Posts: 2192
|
|
Back to top |
|
|
ArmyboyMineNu -
Joined: 16 Oct 2003 Posts: 2
|
Posted: Tue Feb 10, 2004 11:27 pm Post subject: |
|
|
unfortunately that's more then a -little- past my skill-range :-( |
|
Back to top |
|
|
|