Creating htpasswd compatible passwords
Mark Smith
lists at futilism.com
Sun Mar 22 10:53:07 EDT 2009
If the sha1 type is acceptable, you can use either my sha1
implementation or the openssl command line to generate a sha1 digest
of the password to end up with this form:
username:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= (simple)
username:{SSHA}sVp7Y6h1ZtYAvp3UbsbZlQYACaU= (salted, more secure)
if you were going to use my sha1 (libHash-Hmac) then you could do this
function htpasswd.sha1 pPword
return "{SHA}" & sha1.b64(pPword)
end htpasswd.sha1
----
function htpasswd.sha1.salted pPword
put numtochar(random(255)) & numtochar(random(255)) into tSalt
return "{SSHA}" & sha1.b64(pPword & tSalt) & base64encode(tSalt)
end htpasswd.sha1.salted
In fact, I might add those to the library.
Best,
Mark
On 22 Mar 2009, at 00:35, Marty Knapp wrote:
> Has anyone used Rev to create encrypted passwords that are
> compatible with htpasswd to protect areas of your web site? I know
> absolutely nothing about encryption. I've spent a few hours poking
> around the internet trying to find something that I can use for a
> utility I need to make. I found lots of web sites that will
> generate an encrypted password, but I don't really want to go that
> route.
>
> Thanks for any help,
> Marty Knapp
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
More information about the use-livecode
mailing list