Re: Most secure way to reset a password via email link [message #185164 is a reply to message #185160]
Wed, 05 March 2014 19:51
Denis McMahon
Messages: 634 Registered: September 2010
On Wed, 05 Mar 2014 07:54:35 -0800, jvd_200089 wrote:
> On Wednesday, 5 March 2014 15:35:30 UTC, The Natural Philosopher wrote:
> Yes, the email link will point to https:// but when using SSL what's wrong
> with just redisplaying the password on the screen
FUCK THE HELL NO!
The ability to display the old password implies that you're either
storing it in the clear (this is worst possible practice) or using a
reversible hashing method (this is the second worst possible practice).
When a user sets a password, it should be one-way hashed[1], and the hash
stored. When a user tries to log in, apply the same one-way hashing
function, and check the hash of the supplied password with the stored
hash of the original password.
Never ever ever ever store passwords in a manner that they can be
recovered, because when your database gets hacked (and the whole world
now knows you have a database of passwords waiting to be hacked that
might be stored in the clear) all your customers' passwords will be
completely compromised almost immediately.
[1] Hashing includes salting.
--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
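The store-and-verify flow Denis describes (salted one-way hash stored, the same function re-applied at login), as an added example that is not part of the thread. The post names no particular hash; PBKDF2-HMAC-SHA256 with a random per-user salt and a constant-time comparison are my choices, and the sample passwords are constructed.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed parameters (the post only says "one-way hashed, including salting"):
# PBKDF2-HMAC-SHA256, a fresh 16-byte random salt per password, 600k rounds.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def set_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return the record to store: algorithm, rounds, salt and digest.

    The clear-text password is never part of the record, so a dump of the
    database cannot be turned back into user passwords.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # new random salt for every password set
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    # Parameters travel with the record so rounds can be raised later
    # without breaking verification of older hashes.
    return f"{ALGORITHM}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-apply the same one-way function and compare against the stored hash."""
    try:
        algorithm, iterations, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False  # malformed record: refuse rather than guess
    if algorithm != ALGORITHM:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # Constant-time compare: does not leak how many leading bytes matched.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    # Constructed sample: two users picking the same password get different
    # records because the salt differs; only the right password verifies.
    record_a = set_password("correct horse battery")
    record_b = set_password("correct horse battery")
    print(record_a != record_b)                               # True
    print(verify_password("correct horse battery", record_a))  # True
    print(verify_password("correct horse batterx", record_a))  # False
```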