Reply to Re: Password encryption or not!

Your name:

Reply:


Posted by d on 01/19/06 17:30

"Oli Filth" <catch@olifilth.co.uk> wrote in message
news:xaNzf.5581$Kt5.678@newsfe6-gui.ntli.net...
>d said the following on 19/01/2006 09:52:
>> "cosmoKen" <kleprado@gmail.com> wrote in message
>> news:1137597770.230051.17970@f14g2000cwb.googlegroups.com...
>>> Why don't you generate a new random password when somebody wants to get
>>> a forgotten password ?
>>> So you have encrypted password without keys
>>
>> Because some sites don't want to provide new passwords to people every
>> time they forget, as that's forcing the user to compromise for your
>> security needs, which may be easier, but is not easier from the
>> customer's perspective. phew. :)
>
> How is sending a new password to the user (by e-mail) any less secure than
> sending their original password?

I never said that :) I was saying that sending the current password to the
user is easier for the user than sending them a new one. The only reason
one would send them a new password is because their password isn't readable
on the server. That's done through security needs of the server, as opposed
to desired functionality.

Sorry if I wasn't clear enough on that.

>
> --
> Oli

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация