Perl-Evozon / PearlBee


Added more secure way of storing passwords #12

Closed adriaandens closed 10 years ago

adriaandens commented 10 years ago

Plain SHA1 hashes from a password are not really secure as they are vulnerable to rainbow tables. Therefore I added a column 'salt' to the user database and updated the code to use Bcrypt as a hashing algorithm.

Although this method should provide a more secure way of storing passwords, I would definitely let someone who actually knows a lot about security review this code. Also, I'm not that familiar with Modules in Perl so there might be a better way of adding the generate_hash() function to the codebase.
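An added example, not code from this pull request or from PearlBee, contrasting unsalted SHA1 with salted bcrypt for password storage. `random_salt`, `hash_password` and `verify_password` are hypothetical names; it assumes the CPAN module Crypt::Eksblowfish::Bcrypt is installed and a Unix-like `/dev/urandom`.

```perl
use strict;
use warnings;
use Encode qw(encode_utf8);
use Digest::SHA qw(sha1_hex);
use Crypt::Eksblowfish::Bcrypt qw(bcrypt en_base64);

# 16 random bytes from the OS CSPRNG (assumption: Unix-like system).
sub random_salt {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    my $n = read $fh, my $salt, 16;
    close $fh;
    die "short read from /dev/urandom" unless defined $n && $n == 16;
    return $salt;
}

# Hypothetical helper: returns "$2a$<cost>$<22-char salt><31-char hash>".
# The cost and salt travel inside the string that gets stored.
sub hash_password {
    my ($password, $cost) = @_;
    $cost //= 12;    # work factor, raise as hardware gets faster
    my $settings = sprintf '$2a$%02d$%s', $cost, en_base64(random_salt());
    return bcrypt(encode_utf8($password), $settings);
}

# Re-hash the candidate with the stored settings, then compare every byte
# so the comparison time does not depend on where the strings differ.
sub verify_password {
    my ($password, $stored) = @_;
    my $candidate = bcrypt(encode_utf8($password), $stored);
    return 0 unless length $candidate == length $stored;
    my $diff = 0;
    $diff |= ord(substr $candidate, $_, 1) ^ ord(substr $stored, $_, 1)
        for 0 .. length($stored) - 1;
    return $diff == 0 ? 1 : 0;
}

# Constructed sample data: two users who picked the same password.
my $pw = 'correct horse battery staple';
print "sha1   user A: ", sha1_hex($pw), "\n";
print "sha1   user B: ", sha1_hex($pw), "\n";   # identical to user A
my ($h1, $h2) = (hash_password($pw), hash_password($pw));
print "bcrypt user A: $h1\n";
print "bcrypt user B: $h2\n";                   # different salt, different hash
print "right password verifies: ", verify_password($pw, $h1), "\n";
print "wrong password verifies: ", verify_password('guess', $h1), "\n";
```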