[Date Prev][Date Next] [Chronological] [Thread] [Top]

about passwords

Heya fellas,

     Encrypting a password seems like a sound logical idea to me.  But
     there do not appear to be any password tools for LDAP that I have
     seen.  So, if I just wrote a program that calculated the MD5 hash
     of a password and salt pair, and then stored that in my directory
     as {crypt}$hash, would that be okay?  And when I authenticate
     against that, do I authenticate in clear text, or can I create
     another MD5 hash of the same password (with a more than likely
     different salt), and authenticate against that?