These are some stored procedures I wrote to one-way encrypt passwords for storage in a database. I am sure that they are not immune from heavy-duty decryption attacks, but my purpose in writing them was to protect user's passwords from all but the most determined attackers if the data happened to fall into the wrong hands. I developed this for MS SQLServer but am sure it will work as well on Sybase with minimal editing.
I made the password size to be up to 100 characters in length to allow for the use of pass phrases.
- procCryptPassword.sql, a stored procedure to create a one-way encryption of the user's password for storage into the database and for a subsequent check for valid password.
- procChangePassword.sql, a routine for changing the password (depends on a certain table structure and will require editing to match your structure).
- procUserAuthorized.sql, a routine for authenticating a user (depends on a certain table structure and will require editing to match your structure).