communityengine

[Prev] Thread [Next]  |  [Prev] Date [Next]

[CommunityEngine] Re: Passwords - Unencrypt Levi Rosol Mon Jun 15 02:00:41 2009

The functionality for a user to reset their own password is already built
into CE.

To maintain a secure system, no one, not even administrators should be able
to see what a users password is. CE does a great job of this by hashing this
information, and also providing users with a way to reset their information
if it is lost.

--
Levi Rosol
Twitter: @LeviRosol



On Sat, Jun 13, 2009 at 1:47 PM, Carl Fyffe <[EMAIL PROTECTED]> wrote:

>
> Your exac request isn't possible because he passwords are not
> encrypted, they are hashed, which is basically a one way encryption
> that is very fast. Everytime a user does a login, the submitted
> password is rehashed and the result is checked against what is stored.
>
> I would suggest creating a way for the users to "reset" their
> password. This would create a new random password and email it to the
> address you have in the system. Hen, when they login, they can change
> their password to something more memorable. This would take you out of
> the loop at least.
>
> On 6/12/09, LostyJai <[EMAIL PROTECTED]> wrote:
> >
> > Hi,
> >
> > I keep of getting users emailing me regarding their passwords not
> > working.
> >
> > This usually is a human error, but I wish to be able to see the users
> > passwords and be able to tell them that they've entered their
> > passwords incorrectly.
> >
> > How would I go about unencrypting the passwords stored in the
> > database?
> >
> > Thanks!
> > >
> >
>
> >
>

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"CommunityEngine" group.
To post to this group, send email to [EMAIL PROTECTED]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/communityengine?hl=en
-~----------~----~----~----~------~----~------~--~---