Authen-Passphrase reviews

RSS | Module Info

Authen-Passphrase (0.006) ****

Pros: A complete swiss-army knife for managing password strings. I maintain a large project which requires the ability to authenticate all sorts of passwords, DES crypt, MD5, Blowfish, LDAP encodings, this module does it all.

Cons: A twisty maze of odd dependencies, all alike.

Authen-Passphrase (0.005) *****

This is a very clean and consistent way of managing password strings and making them into password objects.

It's nice for testing (using cleartext passwords), upgrading (migrating from say crypt to a stronger hash), and other scenarios where the polymorphism of the api is very valuable (everything can be used the as/from stringification methods, and can be tested for password equivalence the same way, even though the representations are different).

The only problem I ran into is that it doesn't [yet] support $apr1$ style passwords (i dunno if this is the hash function or just the formatting that is missing), but aside from that it works great.