[Pharo-users] [ANN] Application Security for your domains

Hernán Morales Durand hernan.morales at gmail.com
Sat Mar 29 15:32:47 EDT 2014


2014-03-29 10:58 GMT-03:00 Robert Shiplett <grshiplett at gmail.com>:
> do we have a Pharo PassPhrase 4 X 4 - specific project/variant/branch ?
>

I don't know, but I would be happy to integrate it.

> (i.e., four  4-char substring => 1 Passphrase )
>
> I had done some work on mnemonics for such passphrases ...  and I realize
> some like to salt-and-pepper with 3-char and 5-char Unicode chunks ...
>

Can you comment more about it? Do you have some code?

I'm interested in image-based password mnemonics beacuse a well-known
picture is easier to remember that text-based mnemonics, specially
when passwords contain special characters.
Cheers,

Hernán

> thnkx
>
>
> On 29 March 2014 10:05, Pierce Ng <pierce at samadhiweb.com> wrote:
>>
>> On Thu, Mar 27, 2014 at 08:58:48PM -0300, Hern??n Morales Durand wrote:
>> > Second, my first entry contains a post about Application Security, a new
>> > package to make Pharo applications more secure. You can start playing
>> > with
>> > the objects right now, while more documentation is being written for the
>> > next release.
>>
>> Hi,
>>
>> Good stuff!
>>
>> I've been doing some password-related work as well.
>>
>>   http://samadhiweb.com/blog/2013.08.11.splitpasswordstore.html
>>
>> This allows writing the following:
>>
>>   spec := DBConnectionSpec new
>>             key: 'mysql';
>>             host: 'localhost'; port: 3306;
>>             user: 'myappuser';
>>       ====> password: (SpsSplitPasswordStore readFrom: 'myappuser.dat');
>>             yourself.
>>
>> Also, SHA256/512 password hashing:
>>
>>   http://samadhiweb.com/blog/2013.11.17.shacrypt.html
>>
>> Code for both is published on SS3.
>>
>> --
>> Pierce Ng
>> http://samadhiweb.com/blog/
>>
>>
>




More information about the Pharo-users mailing list