NAME
App::bmkpasswd - bcrypt-capable mkpasswd(1) and exported helpers
SYNOPSIS
bmkpasswd --help
## Generate bcrypted passwords
## Defaults to work cost factor '08':
bmkpasswd
bmkpasswd --workcost='06'
## Use other methods:
bmkpasswd --method='md5'
# SHA requires Crypt::Passwd::XS or glibc2.7+
bmkpasswd --method='sha512'
## Compare a hash:
bmkpasswd --check=HASH
DESCRIPTION
App::bmkpasswd is a simple bcrypt-enabled mkpasswd. (Helper functions
are also exported for use in other applications; see "EXPORTED".)
See "bmkpasswd --help" for usage information.
Uses Crypt::Eksblowfish::Bcrypt for bcrypted passwords. (See
for why you ought
to be using bcrypt or similar "adaptive" techniques).
SHA-256 and SHA-512 are supported if available. You'll need either
Crypt::Passwd::XS or a system crypt() that can handle SHA, such as
glibc-2.7+ or newer FreeBSD builds.
MD5 uses the system's crypt() -- support for it is fairly universal, but
it is known insecure and there is really no valid excuse to be using it
;-)
Salts are randomly generated.
EXPORTED
You can use the exported mkpasswd and passwdcmp functions in other Perl
modules/applications:
use App::bmkpasswd qw/mkpasswd passwdcmp/;
## Generate a bcrypted passwd with work-cost 08:
$bcrypted = mkpasswd($passwd);
## Generate a bcrypted passwd with other work-cost:
$bcrypted = mkpasswd($passwd, 'bcrypt', '06');
## SHA:
$crypted = mkpasswd($passwd, 'sha256');
$crypted = mkpasswd($passwd, 'sha512');
## Compare a password against a hash
## passwdcmp() will return the hash if it is a match
$pwd_matched++ if passwdcmp($passwd, $hash);
BUGS
There is currently no easy way to pass your own salt; frankly, this
thing is aimed at some projects of mine where that issue is unlikely to
come up and randomized is appropriate. If that's a problem, patches
welcome? ;-)
AUTHOR
Jon Portnoy