 |
 |
Find a programming school near you
php-general | 2005051
Date: 05/10/05
- Next message: Greg Donald: "Re: [PHP] how to know whether web server of a remote machine is running or not"
- Previous message: Mikey: "RE: [PHP] Accessible HTML - OT"
- In reply to: Deep: "[PHP] Password encryption and password retrieval"
- Next in thread: Philip Hallstrom: "Re: [PHP] Password encryption and password retrieval"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi
You are doing the right thing storing passwords encrypted!
You may use any of the one way digest like secure hash 1 (sha1) or md5 or a
combination to generate a hash.
In case your user forgets his password, there is no way to reconstruct it.
You need to provide an interface where the user can enter their email and the
script sends a message to the user with a token. Afterwards, this token is
used as one time password to login and change the password.
Regards
Andy
-- Registered Linux User Number 379093 -- --BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/O/>E$ d-(---)>+ s:(+)>: a--(-)>? C++++$(+++) UL++++>++++$ P-(+)>++ L+++>++++$ E---(-)@ W+++>+++$ !N@ o? !K? W--(---) !O !M- V-- PS++(+++) PE--(-) Y+ PGP++(+++) t+(++) 5-- X++ R*(+)@ !tv b-() DI(+) D+(+++) G(+) e>++++$@ h++(*) r-->++ y--()>++++ -- ---END GEEK CODE BLOCK------ -- Check out these few php utilities that I released under the GPL2 and that are meant for use with a php cli binary: http://www.vlaamse-kern.com/sas/ ----
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
- Next message: Greg Donald: "Re: [PHP] how to know whether web server of a remote machine is running or not"
- Previous message: Mikey: "RE: [PHP] Accessible HTML - OT"
- In reply to: Deep: "[PHP] Password encryption and password retrieval"
- Next in thread: Philip Hallstrom: "Re: [PHP] Password encryption and password retrieval"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
