As for the hashed/non-hashed password question. The forgot-my-password scenario in semi-secure systems is managed by "skill testing questions", which can then allow a new password to be generated and emailed to a stored email address. Then allow the user to change their password.
I tend to think hashed passwords are a security minimum, but I guess there could be room to move on this.

----- Original Message -----
> On Thu, Nov 22, 2001 at 11:26:59AM -0800, Tavis Rudd wrote:
>
> > > * How are passwords stored internally? plain or hashed?
> >
> > They should absolutely *not* be stored as plain (clear?) text.
>
> Sorry, but that *is* a knee-jerk reaction. There are tradeoffs both
> ways, and it should be the app developer's/local administrator's choice.
> If passwords are hashed, it's impossible to have an "I forgot my password;
> mail it to me" screen, because the program cannot unhash the password.
> You can say, "Oooh, that's unacceptable," but it all depends on what the
> password grants access to. If it's to my bank account, it better be hashed
> and behind 128-bit https: . But if it's just to post to a forum or edit
> an online profile/resume, maybe it doesn't matter that much and it's
> more important to provide convenience instead. Because forcing ppl to
> change passwords to something they didn't choose runs another risk:
> that they'll forget the password again.
>
> mod_auth_mysql has a particularly robust design. You can configure
> whether passwords are added in plaintext, DES, or MySQL PASSWORD()
> format. Then when checking passwords, you can configure several
> encryption schemes, so that it will try each scheme in order until
> one succeeds or they all fail.
>
> As for protecting passwords in a database, there are other strategies
> besides hashing them. For instance:
>
> 1) If the password database is on the public server, make sure the db
> doesn't accept TCP/IP connections from outside the localhost. Lock down
> login access to the machine and aggressively monitor for web script
> exploits.
>
> 2) If the password database is behind a firewall, the public server
> hashes the password and sends it to the private server. The private
> server makes a temporary hash of the control password and uses that
> for comparison.
>
> --
> -Mike (Iron) Orr, [EMAIL PROTECTED] (if mail problems: [EMAIL PROTECTED])
> http://iron.cx/ English * Esperanto * Russkiy * Deutsch * Espan~ol
>
> _______________________________________________
> Webware-discuss mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/webware-discuss
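The two points the thread circles around, hashed storage with a "forgot my password" flow that never needs to unhash anything, and a store where several schemes coexist and are tried per record (the mod_auth_mysql idea), as an added example that is not code from the thread, from Webware or from mod_auth_mysql. The `scheme$salt$digest` record layout, the `pbkdf2`/`sha1` scheme names and the function names are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import secrets

# Added example (not from the thread): a minimal credential store that never
# needs to "unhash" anything. Records are "scheme$salt$digest" (assumed layout);
# an old scheme can coexist with the current one and be upgraded on login.

ITERATIONS = 200_000


def _digest(scheme: str, password: str, salt: bytes) -> bytes:
    if scheme == "pbkdf2":
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    if scheme == "sha1":  # legacy unsalted scheme, kept only so old records still verify
        return hashlib.sha1(password.encode()).digest()
    raise ValueError("unknown scheme " + scheme)


def make_record(password: str, scheme: str = "pbkdf2") -> str:
    salt = secrets.token_bytes(16)  # per-record random salt (ignored by the legacy scheme)
    digest = _digest(scheme, password, salt)
    return "$".join([scheme, base64.b64encode(salt).decode(), base64.b64encode(digest).decode()])


def verify(password: str, record: str) -> bool:
    scheme, salt_b64, digest_b64 = record.split("$", 2)
    candidate = _digest(scheme, password, base64.b64decode(salt_b64))
    # constant-time comparison so timing does not leak how many bytes matched
    return hmac.compare_digest(candidate, base64.b64decode(digest_b64))


def login(password: str, record: str):
    """Check the password; if it matched a legacy record, return an upgraded one."""
    if not verify(password, record):
        return False, record
    if not record.startswith("pbkdf2$"):
        record = make_record(password)  # rehash under the current scheme while we have the cleartext
    return True, record


def reset_password(record: str):
    """'Forgot my password' without unhashing: issue a random temporary password,
    store only its hash, and hand the cleartext back once so it can be emailed.
    The caller should require a change on first use (that flag is omitted here)."""
    temporary = secrets.token_urlsafe(12)
    return temporary, make_record(temporary)
```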
