On 08/16/11 02:08, Richard Quadling wrote:
> Take a look at https://code.google.com/p/loginsystem-rd/
>
> Whilst it is just a login system, the techniques here could be adapted
> and probably learned from (if you are new to security).
Ah, that looks interesting. Thanks for the link!
James
--
On 08/16/11 01:30, Lester Caine wrote:
> All the good sites simply don't have that capability ...
> Much safer rather than 'recovering' a password is to identify the user,
> and send them a temporary password which they have to change when they
> log in. This way nobody is allowed access existing
On 2011-08-16, at 5:08 AM, Richard Quadling wrote:
> On 16 August 2011 09:14, James Colannino wrote:
>> Hi everyone,
>>
>> I don't post all that often, so I hope my (mildly) off-topic question
>> won't be too unwelcome... Keep in mind that I'm still pretty new when
>> it comes to security, s
On 16 August 2011 09:14, James Colannino wrote:
> Hi everyone,
>
> I don't post all that often, so I hope my (mildly) off-topic question
> won't be too unwelcome... Keep in mind that I'm still pretty new when
> it comes to security, so what I propose may or may not sound incredibly
> dumb (you ha
James Colannino wrote:
If it matches the unencrypted version stored in the
database, you know you have the correct answer, and use it to decrypt
the user's password and send it to the email the user has setup for
their account.
All the good sites simply don't have that capability ...
Much safer
Hi everyone,
I don't post all that often, so I hope my (mildly) off-topic question
won't be too unwelcome... Keep in mind that I'm still pretty new when
it comes to security, so what I propose may or may not sound incredibly
dumb (you have been warned! :-P)
I'm working on a project in PHP, a toy
6 matches
Mail list logo
