Password::OWASP::AbstractBase - Abstract base class to implement OWASP password recommendations
version 0.002
package Password::OWASP::MyThing; use Moose; with 'Password::OWASP::AbstractBase'; # You need to implement this method sub crypt_password { ...; }
An abstract base class for modules that want to implement OWASP recommendations for password storage.
This class implements the following methods and attributes.
An enumeration of sha1, sha256, sha512. The latter is the default. This is used for the "hash_password" in Password::OWASP::AbstractBase function.
sha1
sha256
sha512
A code ref to update the password in your given store. The first argument is the password that needs to be stored. Setting this value will also enable you to update the password via "update_password" in Password::OWASP::AbstractBase.
Check the user password, returns true or false depending on the correctness of the password. The password needs to be in a RFC2307 format.
Check the password against the former password scheme, assuming it isn't a password scheme that is understood by Authen::Passphrase and the password isn't hashed before it was stored.
In case the "update_method" in Password::OWASP::AbstractBase was provided, the password is updated in place.
Update the password if "update_method" in Password::OWASP::AbstractBase was provided.
Hash the password with the given sha.
Password::OWASP::AbstractBaseX
OWASP cheatsheet for password storage
OWASP cheatsheet for authentication storage
Authen::Passphrase
Wesley Schwengle <waterkip@cpan.org>
This software is Copyright (c) 2019 by Wesley Schwengle.
This is free software, licensed under:
The (three-clause) BSD License
To install Password::OWASP, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Password::OWASP
CPAN shell
perl -MCPAN -e shell install Password::OWASP
For more information on module installation, please visit the detailed CPAN module installation guide.