The only really secure way is to store the password encrypted.
For example, in mysql:
INSERT INTO USERS (USERNAME, PWORD) VALUES ('foo', MD5('bar');
SELECT FROM USERS WHERE USERNAME='foo' AND PWORD=MD5('bar');
Like the other person said.. you can never "retrieve a forgotten
password" when you do this... you'd have to reset it for them and then
provide the new password to them, because there is no way of decrypting
the password that's stored in the database (theoretically)
- Rick
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
- Scrambling Data C. Hatton Humphrey
- RE: Scrambling Data Barney Boisvert
- RE: Scrambling Data cf-talk
- RE: Scrambling Data Barney Boisvert
- RE: Scrambling Data Rick Root
- RE: Scrambling Data Mosh Teitelbaum
- RE: Scrambling Data Tom Kitta
- RE: Scrambling Data Mosh Teitelbaum
- RE: Scrambling Data C. Hatton Humphrey
- RE: Scrambling Data Ian Skinner
- RE: Scrambling Data C. Hatton Humphrey
- RE: Scrambling Data Dave Watts
- RE: Scrambling Data Dave Watts
- Re: RE: Scrambling Data ksuh