[dancer-users] Problem with D::P::A::E::Provider::Base.pm
David Golden
xdg at xdg.me
Thu Dec 13 16:14:31 GMT 2012
On Tue, Dec 11, 2012 at 6:10 AM, David Precious <davidp at preshweb.co.uk> wrote:
> The reason I used Crypt::SaltedHash there is it's good at working out
> what hashing scheme is in use and just doing the right thing. If it's
> at all difficult to configure or understand, users might decide not to
> use it and just use plain text passwords instead; whilst I think they
> should have that choice, I think it should be seriously discouraged :)
At the risk of inflicting dependencies on people, I suggest looking at
Authen::Passphrase for dealing with various ways to hash passwords.
In particular, using Authen::Passphrase::BlowfishCrypt would be a
sensible default scheme as long as the work factor is decently high
(12+).
David
--
David Golden <xdg at xdg.me>
Take back your inbox! → http://www.bunchmail.com/
Twitter/IRC: @xdg
More information about the dancer-users
mailing list