
NAME

Password::OWASP::AbstractBase - Abstract base class to implement OWASP password recommendations

VERSION

version 0.005

SYNOPSIS

    package Password::OWASP::MyThing;
    use Moose;

    with 'Password::OWASP::AbstractBase';

    use Authen::Passphrase::SomeThing;

    # You need to implement this method
    sub ppr { 'Authen::Passphrase::SomeThing' }

DESCRIPTION

An abstract base class for modules that want to implement OWASP recommendations for password storage.

This class implements the following methods and attributes.

ATTRIBUTES

hashing

An enumeration of none, sha1, sha224, sha256, sha384, sha512. The last, sha512, is the default. This default will change to none in the future, as the new OWASP policy states that prehashing is a security risk. The value is used by "prehash_password" in Password::OWASP::AbstractBase.

update_method

A code ref to update the password in your given store. The first argument is the password that needs to be stored. Setting this value will also enable you to update the password via "update_password" in Password::OWASP::AbstractBase.

METHODS

check_legacy_password

Check the password against the former password scheme, assuming it isn't a password scheme that is understood by Authen::Passphrase and the password wasn't hashed before it was stored.

In case the "update_method" in Password::OWASP::AbstractBase was provided, the password is updated in place.

update_password

Update the password if "update_method" in Password::OWASP::AbstractBase was provided.

prehash_password

Hash the password with the given sha. When hashing is set to none, no hashing will be performed and the password is returned instead of the hash.

hash_password

DEPRECATED: This method will be removed in a future release, please use "prehash_password" in Password::OWASP::AbstractBase instead.

check_password

Check the password against the current password scheme.

crypt_password

Crypt/hash the password for storage.
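
The fallback-and-upgrade flow that check_password, check_legacy_password and update_method describe, as an added illustration that is not the module's own code. The helper names, the %store hash, the unsalted SHA-1 legacy format and the bcrypt cost are assumptions; only Digest::SHA and Authen::Passphrase calls are used.

```perl
use strict;
use warnings;
use Digest::SHA qw(sha1_hex sha256_hex);
use Authen::Passphrase;
use Authen::Passphrase::BlowfishCrypt;

# Constructed sample store: alice still has a legacy unsalted SHA-1 hex digest.
my %store = (alice => sha1_hex('correct horse'));

# Hypothetical helpers named after the documented methods; not the module's code.
sub prehash_password {
    my ($password, $hashing) = @_;
    return $password if $hashing eq 'none';
    return sha256_hex($password) if $hashing eq 'sha256';
    die "unsupported hashing '$hashing' in this example\n";
}

sub crypt_password {
    my ($password, $hashing) = @_;
    return Authen::Passphrase::BlowfishCrypt->new(
        cost        => 8,    # assumed cost, kept low so the demo runs quickly
        salt_random => 1,
        passphrase  => prehash_password($password, $hashing),
    )->as_rfc2307;
}

sub check_password {
    my ($given, $stored, $hashing) = @_;
    # A legacy value is not RFC 2307 formatted, so parsing fails and we return 0.
    my $ppr = eval { Authen::Passphrase->from_rfc2307($stored) } or return 0;
    return $ppr->match(prehash_password($given, $hashing)) ? 1 : 0;
}

# Try the current scheme first, then the legacy one; upgrade on legacy success.
sub login {
    my ($user, $given, $hashing, $update_method) = @_;
    my $stored = $store{$user} // return 0;
    return 1 if check_password($given, $stored, $hashing);
    return 0 unless sha1_hex($given) eq $stored;
    $update_method->(crypt_password($given, $hashing)) if $update_method;
    return 1;
}

my $update = sub { $store{alice} = $_[0] };    # receives the value to store
for my $attempt ('wrong guess', 'correct horse', 'correct horse') {
    my $ok = login('alice', $attempt, 'none', $update);
    printf "%-14s %-7s stored=%s\n", $attempt, $ok ? 'ok' : 'denied', $store{alice};
}
```

The second attempt succeeds through the legacy branch and replaces the stored value, so the third attempt is verified against the new scheme only.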

SEE ALSO

OWASP

AUTHOR

Wesley Schwengle <waterkip@cpan.org>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2019 by Wesley Schwengle.

This is free software, licensed under:

  The (three-clause) BSD License