On Wed, Jul 29, 2009 at 3:54 PM, oshells <oshe...@gmail.com> wrote: > > I used Abraham examples to implement OAuth into Elgg v0.9.2 (last > version of an open source social network platform). > It`s working as it should be, but I also made further thinking (if by > any chance OAuth gets down) and the first time users join our website > they must complete a "one time" signup process, allowing us to have > the missing parts from theyr account (email - any email they might > choose) and also let them set theyr username/password . > Now, even if theyr password is the same as for twitter it`s md5 > encripted and no-one, neither the admins can use it in a "non-right > way". > > You realize of course that MD5 is compromised and relatively worthless, right? SHA512 baby.
Thanks- - Andy Badera - and...@badera.us - Google me: http://www.google.com/search?q=andrew+badera - This email is: [ ] bloggable [x] ask first [ ] private