[dancer-users] Problem with D::P::A::E::Provider::Base.pm
Henk van Oers
hvo.pm at xs4all.nl
Thu Dec 13 16:47:42 GMT 2012
On Thu, 13 Dec 2012, David Golden wrote:
> On Tue, Dec 11, 2012 at 6:10 AM, David Precious <davidp at preshweb.co.uk> wrote:
>> The reason I used Crypt::SaltedHash there is it's good at working out
>> what hashing scheme is in use and just doing the right thing. If it's
>> at all difficult to configure or understand, users might decide not to
>> use it and just use plain text passwords instead; whilst I think they
>> should have that choice, I think it should be seriously discouraged :)
>
> At the risk of inflicting dependencies on people, I suggest looking at
> Authen::Passphrase for dealing with various ways to hash passwords.
>
> In particular, using Authen::Passphrase::BlowfishCrypt would be a
> sensible default scheme as long as the work factor is decently high
> (12+).
Or maybe Crypt::Eksblowfish like Dancer::Plugin::Passphrase ?
--
Henk
More information about the dancer-users
mailing list