
Send Forgotten Password

Hello,
I am new to PHP and am working on a login system for my site,
currently supplied passwords are passed to MySQL and stored as md5 hashes,
my question is :- seeing as md5 is 1 way only what would be the best way to
implement a 'Forgotten Password' system whereby the user supplies an e-mail
address and the password is mailed to the user?

The process does not require military level security but I would like to
keep stored passwords as hashes.

I have an idea on how it can be done but I would like to hear a few other
opinions


Jun 16 '06 #1
Katash,

Generally, when passwords are stored as hashes, the "retrieve password"
option is logically impossible. The "Reset password" option is used
instead, where a new password is mailed to the user in case he
forgets the password.

Sincerely,
Alexander
http://www.alexatnet.com/



Jun 16 '06 #2
AlexVN wrote:
> Katash,
>
> Generally, when passwords are stored as hashes, the "retrieve password"
> option is logically impossible. The "Reset password" option is used
> instead, when the new password is mailed to the user in case when he
> forget the password.


But bear in mind that, if trivially implemented, this *changes* the password
and can therefore be used as a DOS attack against the user.

A better method is:

In the database have columns for an old and new password for each customer.

When the customer logs in (presenting userpass), if the new password is
blank, compare userpass with old password to determine access.
If the new password is not blank, compare new password with userpass - if
they match, set old password = new password, and new password = null.

If the new password is not blank and does not match userpass, compare
userpass with the old password. If it matches then leave the new password as
it is.

If a request comes for a new password, calculate the new password for the
user, update the new password in the database, and send out the old
password.

HTH

C.
Jun 16 '06 #3
> I am new to PHP and am working on a login system for my site,
> currently supplied passwords are passed to MySQL and stored as md5 hashes,
> my question is :- seeing as md5 is 1 way only what would be the best way to
> implement a 'Forgotten Password' system whereby the user supplies an e-mail
> address and the password is mailed to the user?

Keep in mind that the "Forgotten Password" system can and will be used
to mail-bomb a user with his password if you let it be used too often.

> The process does not require military level security but I would like to
> keep stored passwords as hashes.


The point of keeping stored passwords as hashes is to make it impractical
to get the plaintext password. This is somewhat contrary to the objective
of being able to recover the password. You could keep both. In that
case, why keep the hash?
Gordon L. Burditt
Jun 16 '06 #4
Colin McKinnon wrote:
> If a request comes for a new password, calculate the new password for
> the user, update the new password in the database, and send out the
> old password.


What is the point of the new password field if the user never gets to find
out what the new password is?
Jun 16 '06 #5
The system I had in mind did involve 'resetting' the password; I just wanted
some ideas on how best to implement it and the associated risks.

Thanks all.
Jun 16 '06 #6
Colin McKinnon wrote:
> A better method is:
>
> In the database have columns for an old and new password for each customer.
>
> When the customer logs in (presenting userpass), if the new password is
> blank, compare userpass with old password to determine access.
> If the new password is not blank, compare new password with userpass - if
> they match, set old password = new password, and new password = null.


Another common way to do this is to create a separate table with two
columns, one holding a random string and the other the user name. A new
record is inserted when a request for a password reset is made. The
random string is then placed into a URL and sent to the user's e-mail
address. When he clicks on it, he ends up at a page where he can enter
a new password. The script will use the random string to look up the
account.

Jun 16 '06 #7
> The system I had in mind did involve 'resetting' the password; I just wanted
> some ideas on how best to implement it and the associated risks.


Keep in mind that a "forgotten password" link can be used to mail-bomb
a user with emails giving them links to reset the password, regardless
of whether anyone ever knows or tries to use the password ever
again.

If you're emailing the user a link to use to reset his password,
keep in mind several things:

- The link should expire after a relatively short period of time (e.g. 3 days)
- You should limit the number of such active links at a time for any one
user (but the limit probably shouldn't be *1*, as the first one may get
lost in the user's spam filter).
- Use good random numbers as identifiers for the link, preferably not based
on the time the "forgot password" link was clicked and not based on
user personal information.
- The link should expire immediately if it is used successfully.

Gordon L. Burditt
Jun 16 '06 #8
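The token-link flow described in #7, with the four safeguards Gordon lists in #8 (short expiry, a cap on live links per user, CSPRNG-generated tokens, single use), as an added example that is not from the thread or any poster. It is self-contained PHP: SQLite in memory stands in for the MySQL tables, the e-mail step is replaced by returning the link, and the table and column names, the URL and the e-mail addresses are this example's own. It also deliberately stores passwords with password_hash() instead of md5 (md5 is unsalted and fast, so stored md5 hashes are cheap to brute-force) and stores only a hash of the reset token, so a dumped table does not yield usable links.

```php
<?php
// Added example, not from the thread. Assumes PDO with the sqlite driver.
// Table/column names, BASE_URL and the addresses below are hypothetical.

const TOKEN_TTL_SECONDS = 3 * 24 * 3600; // Gordon's "e.g. 3 days"
const MAX_ACTIVE_TOKENS = 3;             // >1, so a link lost to a spam filter is not fatal
const BASE_URL = 'https://example.invalid/reset.php?token='; // hypothetical URL

function setupDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE, pwhash TEXT)');
    // Only a hash of the token is stored; the plaintext token exists in the mailed link alone.
    $db->exec('CREATE TABLE reset_tokens (token_hash TEXT PRIMARY KEY, user_id INTEGER,
               expires_at INTEGER, used INTEGER DEFAULT 0)');
    return $db;
}

function createUser(PDO $db, string $email, string $password): void {
    $st = $db->prepare('INSERT INTO users (email, pwhash) VALUES (?, ?)');
    $st->execute([$email, password_hash($password, PASSWORD_DEFAULT)]);
}

// Step 1: the user supplies an e-mail address. Returns the link that would be
// mailed, or null. The page must answer identically in both cases so the form
// cannot be used to find out which addresses are registered.
function requestReset(PDO $db, string $email, int $now): ?string {
    $st = $db->prepare('SELECT id FROM users WHERE email = ?');
    $st->execute([$email]);
    $userId = $st->fetchColumn();
    if ($userId === false) {
        return null; // unknown address: mail nothing, say nothing
    }
    // Cap the number of live links per user (mail-bomb mitigation from #4/#8).
    $st = $db->prepare('SELECT COUNT(*) FROM reset_tokens
                        WHERE user_id = ? AND used = 0 AND expires_at > ?');
    $st->execute([$userId, $now]);
    if ((int)$st->fetchColumn() >= MAX_ACTIVE_TOKENS) {
        return null; // still report "check your mail"; nothing new is sent
    }
    // 256 random bits from the CSPRNG, not derived from the time or user data.
    $token = bin2hex(random_bytes(32));
    $st = $db->prepare('INSERT INTO reset_tokens (token_hash, user_id, expires_at)
                        VALUES (?, ?, ?)');
    $st->execute([hash('sha256', $token), $userId, $now + TOKEN_TTL_SECONDS]);
    return BASE_URL . $token; // in real code: mail this, and never log it
}

// Step 2: the user follows the link and submits a new password.
// Succeeds only for a token that is known, unexpired and not yet used.
function completeReset(PDO $db, string $token, string $newPassword, int $now): bool {
    $st = $db->prepare('SELECT user_id FROM reset_tokens
                        WHERE token_hash = ? AND used = 0 AND expires_at > ?');
    $st->execute([hash('sha256', $token), $now]);
    $userId = $st->fetchColumn();
    if ($userId === false) {
        return false;
    }
    $db->beginTransaction();
    $st = $db->prepare('UPDATE users SET pwhash = ? WHERE id = ?');
    $st->execute([password_hash($newPassword, PASSWORD_DEFAULT), $userId]);
    // Single use: this link dies on success, and so do the user's other
    // outstanding links, which would otherwise still be able to change the password.
    $st = $db->prepare('UPDATE reset_tokens SET used = 1 WHERE user_id = ?');
    $st->execute([$userId]);
    $db->commit();
    return true;
}

function login(PDO $db, string $email, string $password): bool {
    $st = $db->prepare('SELECT pwhash FROM users WHERE email = ?');
    $st->execute([$email]);
    $hash = $st->fetchColumn();
    return $hash !== false && password_verify($password, $hash);
}

// Walk-through with constructed data.
$db  = setupDb();
$now = time();
createUser($db, 'katash@example.invalid', 'old-secret');

$link  = requestReset($db, 'katash@example.invalid', $now);
$token = substr($link, strlen(BASE_URL));
var_dump(completeReset($db, $token, 'new-secret', $now + 60));          // true
var_dump(completeReset($db, $token, 'again', $now + 120));              // false: single use
var_dump(login($db, 'katash@example.invalid', 'new-secret'));            // true

$link2  = requestReset($db, 'katash@example.invalid', $now);
$token2 = substr($link2, strlen(BASE_URL));
var_dump(completeReset($db, $token2, 'x', $now + TOKEN_TTL_SECONDS + 1)); // false: expired
var_dump(requestReset($db, 'nobody@example.invalid', $now) === null);   // true: unknown address
```

Note that this flow never changes the stored password until the link is used, so a stranger who knows the user's e-mail address can at worst fill the inbox (bounded by MAX_ACTIVE_TOKENS), not lock the user out, which answers the DoS concern raised in #3 without the second password column.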
Paul Lautman wrote:
> Colin McKinnon wrote:
> > If a request comes for a new password, calculate the new password for
> > the user, update the new password in the database, and send out the
> > old password.
>
> What is the point of the new password field if the user never gets to find
> out what the new password is?


Doh! Last paragraph should read:

If a request comes for a new password, calculate the new password for
the user, update the new password in the database, and send the unencrypted
new password to the user.

(The point being that if person B claims to be person A and asks for a new
password, person A can log in using either their old (legitimate) password
or the unsolicited one which is subsequently mailed out to them).

C.

Jun 16 '06 #9
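Colin's two-column scheme from #3 as corrected in #9, as an added example that is not the poster's code. It is written against a plain PHP array standing in for the MySQL row, uses password_hash() for both columns instead of md5, and the column names old_hash / new_hash are this example's own. The walk-through shows the property Colin is after: an unsolicited reset request leaves the legitimate password working, and the mailed password replaces it only if it is actually used.

```php
<?php
// Added example, not from the thread. $user stands in for one database row;
// old_hash / new_hash are hypothetical column names.

function generateTemporaryPassword(int $bytes = 9): string {
    // Random from the CSPRNG, not derived from the clock or the account; URL-safe
    // base64 keeps it typeable (9 bytes -> 12 characters, no padding).
    return rtrim(strtr(base64_encode(random_bytes($bytes)), '+/', '-_'), '=');
}

// "Forgotten password" request: fill the new-password column, leave the old one
// untouched, return the plaintext that would be mailed (never the old password).
function requestNewPassword(array &$user): string {
    $temp = generateTemporaryPassword();
    $user['new_hash'] = password_hash($temp, PASSWORD_DEFAULT);
    return $temp;
}

// Login following Colin's rules. If the mailed password is the one presented it
// is promoted to the real password and the pending slot is cleared; otherwise
// the old password decides, and a pending password that was not used stays put.
function login(array &$user, string $userpass): bool {
    if ($user['new_hash'] !== null && password_verify($userpass, $user['new_hash'])) {
        $user['old_hash'] = $user['new_hash'];
        $user['new_hash'] = null;
        return true;
    }
    // Caveat not covered in the thread: a pending password that is never used
    // would sit in the database indefinitely, so give it an expiry in real code.
    return password_verify($userpass, $user['old_hash']);
}

// Walk-through with constructed data.
$user = ['old_hash' => password_hash('hunter2', PASSWORD_DEFAULT), 'new_hash' => null];

$mailed = requestNewPassword($user);   // someone (the user, or a stranger) asks for a reset
var_dump(login($user, 'hunter2'));     // true: the legitimate password still works
var_dump($user['new_hash'] !== null);  // true: the pending password is left in place
var_dump(login($user, 'wrong'));       // false
var_dump(login($user, $mailed));       // true: the mailed password is accepted ...
var_dump($user['new_hash'] === null);  // true: ... promoted, and the pending slot cleared
var_dump(login($user, 'hunter2'));     // false: the old password has been replaced
```

Compared with the token-link approach, this scheme mails a usable credential, so anyone who can read the user's mail can log in without the user doing anything; the link approach only ever mails a one-shot capability to set a password, and is the one most sites use today.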

