On 30/11/06, James Bennett <[EMAIL PROTECTED]> wrote:
> In general, I think this is a tradeoff we've had to make to have
> Django be as useful as it is -- the goal isn't to satisfy *every* case
> out of the box, but to satisfy *common* cases out of the box with the
> ability to extend things as
On 11/30/06, Felix Ingram <[EMAIL PROTECTED]> wrote:
> The 'right' way of securing an application is very much dependant on
> the application itself and the function it is trying to perform.
> Storing password hashes is a way to mitigate the risks associated with
> someone gaining access to the
On 29/11/06, Jacob Kaplan-Moss <[EMAIL PROTECTED]> wrote:
>
> On 11/29/06 12:50 PM, Clint74 wrote:
> > I need to send the password to the user(email), but how recover the raw
> > password once the database stores in this format:
>
> You can't; that's the point of hashing it. The right (read:
On Nov 29, 2006, at 10:50 AM, Clint74 wrote:
>
> Hi,
>
> I need to send the password to the user(email), but how recover the
> raw
> password once the database stores in this format:
>
> hashType$salt$hash
> sha1$6070e$d3a0c5d565deb4318ed607be9706a98535ec7968
You cannot recover the password
> One generally has a facility to reset the password by
> ...
> The user can then log in with the new password,
> and be directed to change it to a known password.
I will try this approach.
Thanks everybody
--~--~-~--~~~---~--~~
You received this message
ThankĀ“s Jacob,
I missed something indeed.
Regards
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this
On 11/29/06, Clint74 <[EMAIL PROTECTED]> wrote:
> I need to send the password to the user(email), but how recover the raw
> password once the database stores in this format:
>
> hashType$salt$hash
> sha1$6070e$d3a0c5d565deb4318ed607be9706a98535ec7968
You can't, and that's the point of storing a
On 11/29/06 12:50 PM, Clint74 wrote:
> I need to send the password to the user(email), but how recover the raw
> password once the database stores in this format:
You can't; that's the point of hashing it. The right (read: secure) way to
deal with this is to *reset* the user's password
> I need to send the password to the user(email), but how
recover the raw
> password once the database stores in this format:
>
> hashType$salt$hash
> sha1$6070e$d3a0c5d565deb4318ed607be9706a98535ec7968
Hashing is generally a one-way process (like making hamburger out
of cow) that prevents
not possible, I think.
solutions:
1. send the password before you save the user
2. store the raw password somewhere (not so good)
patrick
Am 29.11.2006 um 19:50 schrieb Clint74:
>
> Hi,
>
> I need to send the password to the user(email), but how recover the
> raw
> password once the
10 matches
Mail list logo
