On Thursday 22 November 2001 13:40, Mike Orr wrote:
> On Thu, Nov 22, 2001 at 11:26:59AM -0800, Tavis Rudd wrote:
> > > > * How are passwords stored internally? plain or hashed?
> > >
> > > They should absolutely *not* be stored as plain (clear?) text.
>
> Sorry, but that *is* a knee-jerk reaction. There are tradeoffs
> both ways, and it should be the app developer's/local
> administrator's choice. If passwords are hashed, it's impossible
> to have an "I forgot my password; mail it to me" screen, because the
> program cannot unhash the password. You can say, "Oooh, that's
> unacceptable," but it all depends on what the password grants
> access to. If it's to my bank account, it better be hashed and
> behind 128-bit https. But if it's just to post to a forum or
> edit an online profile/resume, maybe it doesn't matter that much
> and it's more important to provide convenience instead. Because
> forcing ppl to change passwords to something they didn't choose
> runs another risk: that they'll forget the password again.
There are ways around this that don't require storage of passwords in clear text. For example, a fall-back challenge question can be used in combination with an email address. The user forgets their password, clicks 'send me a reminder', the server sends an email with a randomized URI the user can go to for the next 30 minutes and change their password. Once they go to the URI they must answer the challenge question correctly before changing their password. The response to the challenge question would also be hashed.

The password change would only truly be secure if it was encrypted via SSL, but you could use the JavaScript md5 implementation to send a hash of the new password instead of clear text when SSL is not available.
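The reset flow sketched above (random time-limited URI, hashed challenge answer, hashed password), written out as an added example that is not code from the thread or from Webware. It keeps the post's 30-minute window but swaps the unsalted md5 for salted PBKDF2-SHA256; `ResetService`, the user/token stores and the reset URI are hypothetical stand-ins for the app's own storage and mail sending.

```python
import hashlib
import hmac
import os
import secrets
import time

TOKEN_TTL = 30 * 60  # the post's 30-minute window for the emailed reset link


def hash_secret(secret, salt=None):
    """Salted PBKDF2-SHA256; stands in for the post's unsalted md5 (assumption of this example)."""
    salt = salt if salt is not None else os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


def verify_secret(secret, salt, digest):
    return hmac.compare_digest(hash_secret(secret, salt)[1], digest)


class ResetService:
    """In-memory stand-in for the app's user store and mail queue (hypothetical names)."""

    def __init__(self, now=time.time):
        self.now = now
        self.users = {}   # email -> {"pw": (salt, digest), "challenge": (salt, digest)}
        self.tokens = {}  # sha256(token) -> (email, expiry); the raw token exists only in the email

    def register(self, email, password, challenge_answer):
        self.users[email] = {"pw": hash_secret(password),
                             "challenge": hash_secret(challenge_answer.strip().lower())}

    def request_reset(self, email):
        """'send me a reminder': mint a random token and return the URI the mail would carry."""
        token = secrets.token_urlsafe(32)
        self.tokens[hashlib.sha256(token.encode()).digest()] = (email, self.now() + TOKEN_TTL)
        return "https://example.invalid/reset?token=" + token  # hypothetical URI

    def complete_reset(self, token, challenge_answer, new_password):
        """Visiting the URI: token must be unexpired and single-use, and the challenge answer right."""
        key = hashlib.sha256(token.encode()).digest()
        entry = self.tokens.pop(key, None)  # consumed on any attempt, so the answer cannot be guessed
        if entry is None:
            return False
        email, expiry = entry
        user = self.users[email]
        if self.now() > expiry or not verify_secret(challenge_answer.strip().lower(), *user["challenge"]):
            return False
        user["pw"] = hash_secret(new_password)
        return True

    def login(self, email, password):
        user = self.users.get(email)
        return user is not None and verify_secret(password, *user["pw"])
```

Only token hashes and secret hashes are ever stored, so a copy of the tables gives neither the passwords nor a usable reset link.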