Any updates on this? As eksatx mentioned, there's gotta be some sequence that causes this error. I wonder if maybe users are clicking the reset button more than once real fast and it generates two new random passwords but for some reason only sends out an email for the first one? Not sure if that's possible, but trying to figure out what causes it. I now get about 5-10 emails a day from users saying the reset doesn't work at all. Is this happening to anyone else?
On Jul 10, 6:43 pm, eksatx <[email protected]> wrote: > I also have had a couple users report this issue. However, when I > create a test user from scratch, I am able to reset the password just > fine. There must be some specific sequence of steps that leads to the > problem. > > On Jul 10, 10:08 am, shiftshane <[email protected]> wrote: > > > Users on my site are having the same issues. I'm on a really old > > version of CE. I'm wondering if there has been a fix for this? I get > > about 10 users a week emailing me saying the password that was reset > > by the system doesn't work. > > > When I try resetting mine, it works fine. I was chalking it up to user > > error, but it seems like it's some random bug or something. Anyone > > else been having this issue? It's been going on for the past few > > months. > > > On Jun 13, 9:27 pm, LostyJai <[email protected]> wrote: > > > > Thanks for that guys, I appreciate it. > > > > Just sometimes I get users saying their newly resetted passwords are > > > not working. Most of the time this is a user problem. > > > > Would you people be able to suggest any options to avoid these kind of > > > problems? (make it more easier?) > > > > On Jun 14, 4:52 am, Levi Rosol <[email protected]> wrote: > > > > > The functionality for a user toresettheir own password is already built > > > > into CE. > > > > > To maintain a secure system, no one, not even administrators should be > > > > able > > > > to see what a users password is. CE does a great job of this by hashing > > > > this > > > > information, and also providing users with a way toresettheir > > > > information > > > > if it is lost. > > > > > -- > > > > Levi Rosol > > > > Twitter: @LeviRosol > > > > > On Sat, Jun 13, 2009 at 1:47 PM, Carl Fyffe <[email protected]> > > > > wrote: > > > > > > Your exac request isn't possible because he passwords are not > > > > > encrypted, they are hashed, which is basically a one way encryption > > > > > that is very fast. Everytime a user does a login, the submitted > > > > > password is rehashed and the result is checked against what is stored. > > > > > > I would suggest creating a way for the users to "reset" their > > > > > password. This would create a new random password and email it to the > > > > > address you have in the system. Hen, when they login, they can change > > > > > their password to something more memorable. This would take you out of > > > > > the loop at least. > > > > > > On 6/12/09, LostyJai <[email protected]> wrote: > > > > > > > Hi, > > > > > > > I keep of getting users emailing me regarding their passwords not > > > > > > working. > > > > > > > This usually is a human error, but I wish to be able to see the > > > > > > users > > > > > > passwords and be able to tell them that they've entered their > > > > > > passwords incorrectly. > > > > > > > How would I go about unencrypting the passwords stored in the > > > > > > database? > > > > > > > Thanks! > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CommunityEngine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/communityengine?hl=en -~----------~----~----~----~------~----~------~--~---
