Fmdpa, posted September 25, 2010:

What would be a good way to let the user access their account while still keeping the passwords hashed? Some sites have a feature where you can enter your email, and it will send the password of the account associated with that address to that address. But how do they do that while not compromising the security of the database? Is there a better way to do this?
Synook, posted September 25, 2010:

Usually when that happens, the application resets their password to something random, updates the database, and sends the new password to the user via email (encouraging them to change it immediately).
wirehopper, posted September 25, 2010:

As Synook said. My application does the following as well:

- The password is sent without the username, so someone reading the email can't use it unless they also know the username. This won't work if the username is the email (obviously).
- The application claims to have sent the new password, even if the email isn't in the system. This prevents the user from identifying users in the system.
- There's a lockout for invalid login attempts: after 5 tries, the account is locked for 15 minutes. The lock clears automatically. The invalid login attempt counter clears after a successful login.
- The new password is very long, annoying, and impossible to remember. This ensures the user will change it.

Another good practice is to expire the new password after an hour or two. The user can request another password later if they didn't finish the reset process fairly quickly.
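The reset flow described in the two replies above (random temporary password, stored only as a salted hash, same reply whether or not the address exists, 5-attempt lockout that clears after 15 minutes, two-hour expiry), written out as an added example; this is not wirehopper's code, and the in-memory `users` dict and `outbox` list are constructed stand-ins for the database and the mail sender.

```python
import hashlib, hmac, os, secrets

RESET_TTL = 2 * 3600      # temporary password is only good for two hours
MAX_FAILURES = 5          # lock the account after this many bad logins
LOCK_SECONDS = 15 * 60    # lock clears by itself after 15 minutes

def hash_password(password, salt=None):
    # Salted PBKDF2, so the stored value cannot be turned back into the password.
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Accounts:
    def __init__(self):
        self.users = {}    # username -> record; in-memory stand-in for the database
        self.outbox = []   # (address, body) pairs; constructed stand-in for sending mail

    def add_user(self, username, email, password):
        salt, digest = hash_password(password)
        self.users[username] = {"email": email, "salt": salt, "hash": digest,
                                "temp_expires": None, "failures": 0, "locked_until": 0}

    def request_reset(self, email, now):
        # Same reply whether or not the address exists, so the form cannot be
        # used to enumerate accounts.
        for rec in self.users.values():
            if rec["email"] == email:
                temp = secrets.token_urlsafe(24)   # long, random, not memorable
                rec["salt"], rec["hash"] = hash_password(temp)
                rec["temp_expires"] = now + RESET_TTL
                rec["failures"], rec["locked_until"] = 0, 0
                # The mail carries only the new password, never the username.
                self.outbox.append((email, temp))
        return "If that address is on file, a new password has been sent."

    def login(self, username, password, now):
        rec = self.users.get(username)
        if rec is None:
            return "invalid"
        if now < rec["locked_until"]:
            return "locked"
        if rec["temp_expires"] is not None and now > rec["temp_expires"]:
            return "expired"   # user has to request another reset
        _, digest = hash_password(password, rec["salt"])
        if hmac.compare_digest(digest, rec["hash"]):
            rec["failures"] = 0   # counter clears on a successful login
            return "ok"
        rec["failures"] += 1
        if rec["failures"] >= MAX_FAILURES:
            rec["failures"], rec["locked_until"] = 0, now + LOCK_SECONDS
            return "locked"
        return "invalid"
```

Times are plain seconds so the expiry and lockout can be exercised without waiting; a real application would pass `time.time()`.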
Fmdpa (author), posted September 25, 2010:

Thanks for the ideas!
justsomeguy, posted September 26, 2010:

Some applications also use an encryption method instead of hashing, so that the passwords can be decrypted also.
Fmdpa (author), posted September 29, 2010:

But if an encrypted password can be decrypted, then what's the sense of doing it in the first place? Maybe I could salt it...
Synook, posted September 29, 2010:

Well, the point is you encrypt it in a way so that only you can decrypt it, through the use of a private key or otherwise.
justsomeguy, posted September 29, 2010:

Right, encryption involves the use of keys and various algorithms. There's no need to salt the value, but you can combine several encryption algorithms into something suitably complex that someone wouldn't be able to reverse it without seeing your code. You use keys so that even if they know the algorithm they don't know your specific key.