[Prev] Thread [Next]  |  [Prev] Date [Next]

[CommunityEngine] Re: Passwords - Unencrypt LostyJai Mon Jun 15 02:00:59 2009

Thanks for that guys, I appreciate it.

Just sometimes I get users saying their newly resetted passwords are
not working. Most of the time this is a user problem.

Would you people be able to suggest any options to avoid these kind of
problems? (make it more easier?)

On Jun 14, 4:52 am, Levi Rosol <[EMAIL PROTECTED]> wrote:
> The functionality for a user to reset their own password is already built
> into CE.
> To maintain a secure system, no one, not even administrators should be able
> to see what a users password is. CE does a great job of this by hashing this
> information, and also providing users with a way to reset their information
> if it is lost.
> --
> Levi Rosol
> Twitter: @LeviRosol
> On Sat, Jun 13, 2009 at 1:47 PM, Carl Fyffe <[EMAIL PROTECTED]> wrote:
> > Your exac request isn't possible because he passwords are not
> > encrypted, they are hashed, which is basically a one way encryption
> > that is very fast. Everytime a user does a login, the submitted
> > password is rehashed and the result is checked against what is stored.
> > I would suggest creating a way for the users to "reset" their
> > password. This would create a new random password and email it to the
> > address you have in the system. Hen, when they login, they can change
> > their password to something more memorable. This would take you out of
> > the loop at least.
> > On 6/12/09, LostyJai <[EMAIL PROTECTED]> wrote:
> > > Hi,
> > > I keep of getting users emailing me regarding their passwords not
> > > working.
> > > This usually is a human error, but I wish to be able to see the users
> > > passwords and be able to tell them that they've entered their
> > > passwords incorrectly.
> > > How would I go about unencrypting the passwords stored in the
> > > database?
> > > Thanks!
You received this message because you are subscribed to the Google Groups 
"CommunityEngine" group.
To post to this group, send email to [EMAIL PROTECTED]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at