| 27 May 2011 14:21 |
|
27 May 2011 14:21 |
So lately I've been fantasising several ideas for Wikidot projects I could do. And by “lately”, I mean over the past 08 Sep 2007 01:56 of my life (since I joined Wikidot). I actually have this journal dedicated to programming concepts and ideas for Wikidot, that has hand-drawn designs, lines of code, trial & error formulas, ideas and the main architecture of my Wikidot endeavours.
Anyways, today I'm launching something new:
The Password Verification Server
The Password Verification Server (PVS) allows you to:
- Create a password-controlled text box
- Forward users with the correct password to hidden web pages
- Display a customisable message to users who enter the correct password
But what better way to explain the PVS than to demonstrate it live?
| What does 2+2 equal? |
For security purposes, the PVS doesn't store passwords directly on the server. Passwords are encrypted on the user's machine before they are sent to the server, using a one-way encryption (SHA-256). This means that no amount of hacking can reveal your password.
Actually, passwords are, in a way, encrypted twice before storing them on the server, so there's no possible way of reverse-engineering them or guessing them through brute force. They are safely stored.
I learnt a lot of things through this project. Take encryption and hashing, for example. I had to research all about it and learn about the weaknesses and strengths of different algorithms. Eventually I decided that SHA-256 would suit the needs of the PVS.
So now that you know about the PVS, I highly recommend that you GO AHEAD and PLAY WITH IT!!! Have some password fun! Make sure that the countless hours I've invested in this project weren't done in vain!!!
λ James Kanjo
Post preview:
Close preview