their password, or have the registrant put in a hint phrase or something
that would help jog their memory that you could first send to them to
see if that helps. This way, you can keep securely encrypted
passphrases in your DB, and it's up to the user to remember their login
information. If they forget, they can go to the one-shot URL, input a
new one, and be done with it.
- Jim
Tim Laureska wrote:
> Hey... thanks for the reply... somewhere I read that hashing doesn't
> work when you email the password to the registrant... is that true?
>
> -----Original Message-----
> From: Critter [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 05, 2003 12:50 PM
> To: CF-Talk
> Subject: Re: PW encryption/decryption
>
> oi Tim!!
>
> why not just hash the passwords as they go into the db.... then check
> the hashed entered password
> against the db value... why bother with decrypting....
>
> --
>
> ------------------------------------
> Wednesday, November 5, 2003, 12:24:36 PM, you wrote:
>
> TL> Well... I've spent at least 40 hrs on this and even help from Peter
> TL> Tilbrook and Tony did not solve the dilemma... would anybody be
> TL> available to look at some code I've set up for a user registration
> TL> password encryption scenario
> TL> (used http://tutorial113.easycfm.com as a basis)
>
> TL> I just don't get it... it works sometimes and not others... I'd be
> TL> willing to send files/database etc... even pay someone at this point
> ...
> TL> I've thrown my hands up... I really don't want to put plain text
> TL> passwords in the DB, but I'm a hair away from doing just that
>
> TL> You can see it NOT work at
> TL> http://www.talbotcounty.org/employ/seekers/seeker_registration2.cfm
>
> TL> Tim
>
> TL>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
