FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Most secure way to reset a password via email link
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Most secure way to reset a password via email link [message #185159 is a reply to message #185158] Wed, 05 March 2014 15:35 Go to previous messageGo to previous message
The Natural Philosoph is currently offline  The Natural Philosoph
Messages: 993
Registered: September 2010
Karma:
Senior Member
On 05/03/14 14:56, Ben Bacarisse wrote:
> I would make one recommendation:
> don't store passwords directly -- always hash them internally. That
> way, an accidental or malicious release of the database (which just
> seems to happen time and time again) won't reveal actual passwords.
> Some effort (and you can make it significant effort) would be required
> to recover the password from the hash. Also, users often re-use
> passwords and you won't placate a user whose been told that their
> favourite password is now out in the open by saying that they should not
> have used it for more than one site -- no matter how true that is!

This is absolutely true and so trivial a matter to do: Unix/linux does
that with user passwords, so too does mysql, and php and mysql both
provide simple methods to generate a hash from a passwords that can be
compared with the stored value.

My final solution is like that.

Also cookies are reset EVERY TIME a user uses a 'secure page'.

So the valid cookie is constantly changing. That way two users with the
same identity will 'log each other out' and a stolen laptop with a
cookie stored in it from a previous sessions still wont access the
database..its no longer valid.Although stored passwords will of course..

Then always use https to avoid man in the middle attacks

Finally as proof against sysadmins, encrypt any sensitive data in the
database.

I use a second cookie which when combined with the first will elucidate
the key..of course the mechanism for doing that is sadly on the server,
and could be cracked, but stealing the database is not enough to reveal
the information. You also need the key generator.

AND then a valid pair of cookies. which the sysadmin normally wouldn't
have, since the cookies are generated on the fly by code..

obviously if he has the time to puzzle through the code, he can
duplicate the functionality..But its not a 5 minute 'steal the mysql files'

But the most compelling thing you must do when addressing security is
NOT use a hosted web server. Use a personally managed virtual private
server. You will need to go deep into the OS to adjust logging and send
warning emails and so on.

security is never complete. But making it hard and closing simpler
loopholes is the game.

Today, to steal a car, you need to get the owner to give you the keys.
It's not a 5 minute job at the kerbside.

Getting access to peoples' names and logins should be similar.



--
Ineptocracy

(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: simple link won't show
Next Topic: Need help accessing the key array.
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 06:05:23 GMT 2024

Total time taken to generate the page: 0.04448 seconds