By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,830 Members | 1,724 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,830 IT Pros & Developers. It's quick & easy.

how is a password sent with PasswordRecovery?

P: n/a
Ben
Hi,

when a password is sent to the user via email with the PasswordRecovery
control, is it sent in "clear" even if the password is hashed or encrypted?

Thanks
Ben
Apr 20 '07 #1
Share this Question
Share on Google+
3 Replies


P: n/a
You can only use this if you have stored your passwords with the cleartext
option. Otherwise, normally only a hash is stored, and so you would need to
generate a new password for the user and email that to them.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
Hi,

when a password is sent to the user via email with the PasswordRecovery
control, is it sent in "clear" even if the password is hashed or encrypted?

Thanks
Ben
Apr 20 '07 #2

P: n/a
Ben
Thanks for replying.
May i ask this:
1) The new generated hashed password sent to the mailadrress, is it sent in
"clear"?
2) if the passwordformat is encrypted, no passwordrecovery is then possible
or a new one must be generated ?

Thanks

"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comschreef in
bericht news:95**********************************@microsof t.com...
You can only use this if you have stored your passwords with the cleartext
option. Otherwise, normally only a hash is stored, and so you would need
to
generate a new password for the user and email that to them.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
>Hi,

when a password is sent to the user via email with the PasswordRecovery
control, is it sent in "clear" even if the password is hashed or
encrypted?

Thanks
Ben

Apr 20 '07 #3

P: n/a
Ben
Thanks.
The answer is:
1) yes
2) clear or encrypted: can be sent (both as cleartext); hashed: must be
reset (new pw).
"Ben" <kn*@shdv.sdschreef in bericht
news:%2****************@TK2MSFTNGP03.phx.gbl...
Thanks for replying.
May i ask this:
1) The new generated hashed password sent to the mailadrress, is it sent
in "clear"?
2) if the passwordformat is encrypted, no passwordrecovery is then
possible or a new one must be generated ?

Thanks

"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comschreef in
bericht news:95**********************************@microsof t.com...
>You can only use this if you have stored your passwords with the
cleartext
option. Otherwise, normally only a hash is stored, and so you would need
to
generate a new password for the user and email that to them.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
>>Hi,

when a password is sent to the user via email with the PasswordRecovery
control, is it sent in "clear" even if the password is hashed or
encrypted?

Thanks
Ben


Apr 20 '07 #4

This discussion thread is closed

Replies have been disabled for this discussion.