[Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Andrew Sinning
I use SharedObject.getLocal() to store preferences from Flash, but what about passwords? When I log in to gmail, ebay, etc., my passwords are pulled from a "vault", which I have access to by virtue of being logged in to my computer. I can look these up in my browser. What's an acceptable wa

Re: [Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Eric E. Dolecki
Try this: http://www.marksanborn.net/php/creating-a-secure-md5-hash-for-storing-passwords-in-a-database/ On Fri, Mar 19, 2010 at 3:36 PM, Andrew Sinning wrote: > I use SharedObject.getLocal() to store preferences from Flash, but what > about passwords? > > When I log in to gmail, ebay, etc., my

Re: [Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Henrik Andersson
Eric E. Dolecki wrote: Try this: http://www.marksanborn.net/php/creating-a-secure-md5-hash-for-storing-passwords-in-a-database/ I would assume that he does not need to know how to store it on the server. He wants to know how to store the password securely on the client. _

Re: [Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Mark Winterhalder
> When I log in to gmail, ebay, etc., my passwords are pulled from a "vault", > which I have access to by virtue of being logged in to my computer.  I can > look these up in my browser. ...and that's why you should leave it as part of the HTML. Some users use password managers for their browsers t

Re: [Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Andrew Sinning
Since putting the login screen in html isn't an option, then should I just make the user re-enter their password everytime, or would it be appropriate to include a "Remember my password on this computer" check box and then use a local SharedObject if they allow it? Mark Winterhalder wrote: Wh

Re: [Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Mark Winterhalder
On Fri, Mar 19, 2010 at 8:43 PM, Eric E. Dolecki wrote: > Try this: > > http://www.marksanborn.net/php/creating-a-secure-md5-hash-for-storing-passwords-in-a-database/ Relevant: ___ Flashcoders m

Re: [Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Mark Winterhalder
On Fri, Mar 19, 2010 at 10:05 PM, Andrew Sinning wrote: > Since putting the login screen in html isn't an option, then should I just > make the user re-enter their password everytime, or would it be appropriate > to include a "Remember my password on this computer" check box and then use > a local

Re: [Flashcoders] proper way for Flash to store user passwords

2010-03-19 Thread Andrew Sinning
The session id option is great, and more user friendly, too. Mark Winterhalder wrote: On Fri, Mar 19, 2010 at 10:05 PM, Andrew Sinning wrote: Since putting the login screen in html isn't an option, then should I just make the user re-enter their password everytime, or would it be appropriat