Joined: 06 Mar 2003, 03:21
Posts: 447
Location: Monterrey, NL, Mexico
|
|
Giovan:
> The only question I've got left is about the safety.
> My webserver doesn't permit anonymous login but
> users could try to unravel the name of my textfile
> (although they should try manyy times). I ever heard
> aboyt md5hash , how is it possible to encrypt the
> passfile with md5hash?
Hi. The script doesn't include MD5 hashes because it was designed for simplicity. The idea was that the password file could be changed with a simple text editor without extra software. Most users from non-Unix/Linux platforms doesn't have MD5 or SHA1 hash generators, so I discarded the idea.
But I can see your concern. I have just released version 1.0.2 with support for MD5 hashed (sort-of encrypted) password.
There is now an option in the slogin_lib.inc.php file named slogin_usehashes. Just set it to 1 and change the passwords in the users file to their MD5 hashes. So now, for example, the default "admin" password become 21232f297a57a5a743894a0e4a801fc3.
The help you in this step, there is a new script file named slogin_genpass.php where you can enter the plain text password and it will return the MD5 hash.
Regards,
Mario A. Valdez-Ramirez.
|
|
|
Login
FAQ
Search
