Password::OWASP::AbstractBaseX - Abstract base class to implement OWASP password recommendations
version 0.002
package Password::OWASP::MyThing; use Moose; with 'Password::OWASP::AbstractBaseX'; # You need to implement this method sub crypt_password { ...; } sub check_password { ...; }
An abstract base class for modules that want to implement OWASP recommendations for password storage.
This class implements the following methods and attributes.
An enumeration of sha1, sha256, sha512. The latter is the default. This is used for the "hash_password" in Password::OWASP::AbstractBaseX function.
sha1
sha256
sha512
A code ref to update the password in your given store. The first argument is the password that needs to be stored. Setting this value will also enable you to update the password via "update_password" in Password::OWASP::AbstractBaseX.
Check the password against the former password scheme, assuming it isn't a password scheme that is understood by Authen::Passphrase and the password isn't hashed before it was stored.
In case the "update_method" in Password::OWASP::AbstractBaseX was provided, the password is updated in place.
Update the password if "update_method" in Password::OWASP::AbstractBaseX was provided.
Hash the password with the given sha.
OWASP cheatsheet for password storage
OWASP cheatsheet for authentication storage
Authen::Passphrase
Wesley Schwengle <waterkip@cpan.org>
This software is Copyright (c) 2019 by Wesley Schwengle.
This is free software, licensed under:
The (three-clause) BSD License
To install Password::OWASP, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Password::OWASP
CPAN shell
perl -MCPAN -e shell install Password::OWASP
For more information on module installation, please visit the detailed CPAN module installation guide.