Bytes | Software Development & Data Engineering Community

Send Forgotten Password

Hello,
I am new to PHP and am working on a login system for my site,
currently supplied passwords are passed to MySQL and stored as md5 hashes,
my question is :- seeing as md5 is 1 way only what would be the best way to
implement a 'Forgotten Password' system whereby the user supplies an e-mail
address and the password is mailed to the user?

The process does not require military level security but I would like to
keep stored passwords as hashes.

I have an idea on how it can be done but I would like to hear a few other
opinions


Jun 16 '06 #1
Katash,

Generally, when passwords are stored as hashes, the "retrieve password"
option is logically impossible. The "Reset password" option is used
instead, where the new password is mailed to the user in case he
forgets the password.

Sincerely,
Alexander
http://www.alexatnet.com/

Katash wrote:
Hello,
I am new to PHP and am working on a login system for my site,
currently supplied passwords are passed to MySQL and stored as md5 hashes,
my question is :- seeing as md5 is 1 way only what would be the best way to
implement a 'Forgotten Password' system whereby the user supplies an e-mail
address and the password is mailed to the user?

The process does not require military level security but I would like to
keep stored passwords as hashes.

I have an idea on how it can be done but I would like to hear a few other
opinions


Jun 16 '06 #2
AlexVN wrote:
Katash,

Generally, when passwords are stored as hashes, the "retrieve password"
option is logically impossible. The "Reset password" option is used
instead, where the new password is mailed to the user in case he
forgets the password.


But bear in mind that, if trivially implemented, this *changes* the password
and can therefore be used as a DOS attack against the user.

A better method is:

In the database have columns for an old and new password for each customer.

When the customer logs in (presenting userpass), if the new password is
blank, compare userpass with old password to determine access.
If the new password is not blank, compare new password with userpass - if
they match, set old password = new password, and new password = null.

If the new password is not blank and does not match userpass, compare
userpass with the old password. If it matches then leave the new password as
it is.

If a request comes for a new password, calculate the new password for the
user, update the new password in the database, and send out the old
password.

HTH

C.
Jun 16 '06 #3
> I am new to PHP and am working on a login system for my site,
currently supplied passwords are passed to MySQL and stored as md5 hashes,
my question is :- seeing as md5 is 1 way only what would be the best way to
implement a 'Forgotten Password' system whereby the user supplies an e-mail
address and the password is mailed to the user?
Keep in mind that the "Forgotten Password" system can and will be used
to mail-bomb a user with his password if you let it be used too often.
The process does not require military level security but I would like to
keep stored passwords as hashes.


The point of keeping stored passwords as hashes is to make it impractical
to get the plaintext password. This is somewhat contrary to the objective
of being able to recover the password. You could keep both. In that
case, why keep the hash?
Gordon L. Burditt
Jun 16 '06 #4
Colin McKinnon wrote:
AlexVN wrote:
Katash,

Generally, when passwords are stored as hashes, the "retrieve
password" option is logically impossible. The "Reset password"
option is used instead, where the new password is mailed to the user
in case he forgets the password.


But bear in mind that, if trivially implemented, this *changes* the
password and can therefore be used as a DOS attack against the user.

A better method is:

In the database have columns for an old and new password for each
customer.

When the customer logs in (presenting userpass), if the new password
is blank, compare userpass with old password to determine access.
If the new password is not blank, compare new password with userpass
- if they match, set old password = new password, and new password =
null.

If the new password is not blank and does not match userpass, compare
userpass with the old password. If it matches then leave the new
password as it is.

If a request comes for a new password, calculate the new password for
the user, update the new password in the database, and send out the
old password.

HTH

C.


What is the point of the new password field if the user never gets to find
out what the new password is?
Jun 16 '06 #5
The system I had in mind did involve 'resetting' the password, I just wanted
some ideas on how best to implement it and the associated risks.

Thanks all.
Jun 16 '06 #6
Colin McKinnon wrote:
A better method is:

In the database have columns for an old and new password for each customer.

When the customer logs in (presenting userpass), if the new password is
blank, compare userpass with old password to determine access.
If the new password is not blank, compare new password with userpass - if
they match, set old password = new password, and new password = null.


Another common way to do this is to create a separate table with two
columns, one holding a random string and the other the user name. A new
record is inserted when a request for a password reset is made. The
random string is then placed into a URL and sent to the user's e-mail
address. When he clicks on it, he ends up at a page where he can enter
a new password. The script will use the random string to look up the
account.

Jun 16 '06 #7
>The system I had in mind did involve 'resetting' the password, I just wanted
some ideas on how best to implement it and the associated risks.


Keep in mind that a "forgotten password" link can be used to mail-bomb
a user with emails giving them links to reset the password, regardless
of whether anyone ever knows or tries to use the password ever
again.

If you're emailing the user a link to use to reset his password,
keep in mind several things:

- The link should expire after a relatively short period of time (e.g. 3 days)
- You should limit the number of such active links at a time for any one
user (but the limit probably shouldn't be *1*, as the first one may get
lost in the user's spam filter).
- Use good random numbers as identifiers for the link, preferably not based
on the time the "forgot password" link was clicked and not based on
user personal information.
- The link should expire immediately if it is used successfully.

Gordon L. Burditt
Jun 16 '06 #8
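The token-table design from post #7 combined with the four rules Gordon lists above, written out as an added PHP example (not code from any poster in this thread). It assumes PHP 7.x or later with the pdo_sqlite extension and uses an in-memory SQLite database in place of MySQL so it runs stand-alone; passwords are stored with password_hash() rather than the md5 the thread uses, and the reset URL host is a placeholder. Only a SHA-256 hash of the random token is stored, so a copy of the table alone does not yield working reset links.

```php
<?php
declare(strict_types=1);
// Added example, not from the thread: one-time, expiring password reset tokens.
// Assumes the pdo_sqlite extension; SQLite in memory stands in for MySQL.

const TOKEN_TTL_SECONDS   = 3 * 24 * 3600; // expire after 3 days, Gordon's figure
const MAX_ACTIVE_PER_USER = 3;             // more than 1, in case a mail is lost

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, email TEXT, pwhash TEXT)');
// Separate table as in post #7 (random string + user name), plus expiry and
// single-use bookkeeping. The random string itself is never stored.
$db->exec('CREATE TABLE password_resets (
    token_hash TEXT PRIMARY KEY,
    username   TEXT NOT NULL,
    expires_at INTEGER NOT NULL,
    used       INTEGER NOT NULL DEFAULT 0)');

function tokenHash(string $token): string
{
    return hash('sha256', $token);
}

// Handles the "forgot password" form. Returns the token for the mailed URL, or
// null when no mail should go out (unknown address, or too many active links).
// Respond identically in both cases so the form does not reveal which
// addresses are registered.
function createResetToken(PDO $db, string $email, int $now): ?string
{
    $stmt = $db->prepare('SELECT username FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $username = $stmt->fetchColumn();
    if ($username === false) {
        return null;
    }
    // Cap the number of unexpired, unused links per user (limits mail-bombing).
    $stmt = $db->prepare('SELECT COUNT(*) FROM password_resets
                          WHERE username = ? AND used = 0 AND expires_at > ?');
    $stmt->execute([$username, $now]);
    if ((int) $stmt->fetchColumn() >= MAX_ACTIVE_PER_USER) {
        return null;
    }
    // 32 bytes from the OS CSPRNG: not derived from the clock or user data.
    $token = bin2hex(random_bytes(32));
    $stmt = $db->prepare('INSERT INTO password_resets (token_hash, username, expires_at)
                          VALUES (?, ?, ?)');
    $stmt->execute([tokenHash($token), $username, $now + TOKEN_TTL_SECONDS]);
    return $token;
}

// Handles the form behind the mailed link. The token is accepted once: it is
// marked used in the same transaction that changes the password.
function consumeResetToken(PDO $db, string $token, string $newPassword, int $now): bool
{
    $db->beginTransaction();
    $stmt = $db->prepare('SELECT username FROM password_resets
                          WHERE token_hash = ? AND used = 0 AND expires_at > ?');
    $stmt->execute([tokenHash($token), $now]);
    $username = $stmt->fetchColumn();
    if ($username === false) {
        $db->rollBack();
        return false;
    }
    $db->prepare('UPDATE password_resets SET used = 1 WHERE token_hash = ?')
       ->execute([tokenHash($token)]);
    $db->prepare('UPDATE users SET pwhash = ? WHERE username = ?')
       ->execute([password_hash($newPassword, PASSWORD_DEFAULT), $username]);
    $db->commit();
    return true;
}

// Constructed sample user and walkthrough.
$db->prepare('INSERT INTO users VALUES (?, ?, ?)')
   ->execute(['katash', 'katash@example.com', password_hash('old-secret', PASSWORD_DEFAULT)]);

$now   = time();
$token = createResetToken($db, 'katash@example.com', $now);
echo "Mailed link (placeholder host): https://example.com/reset.php?token=$token\n";

echo 'First use of the link: ';
echo consumeResetToken($db, $token, 'new-secret', $now + 3600) ? "accepted\n" : "rejected\n";
echo 'Second use of the same link: ';
echo consumeResetToken($db, $token, 'other', $now + 3600) ? "accepted\n" : "rejected\n";
$late = createResetToken($db, 'katash@example.com', $now);
echo 'Fresh link used after the 3-day window: ';
echo consumeResetToken($db, $late, 'late', $now + TOKEN_TTL_SECONDS + 1) ? "accepted\n" : "rejected\n";
```

The script prints the constructed reset URL, then accepts the first use, rejects the replay, and rejects the expired link. In a real deployment the page at the reset URL should also require the new password to be entered over HTTPS, and the "forgot password" form should apply a per-address request rate limit on top of the active-link cap, since the cap alone still permits MAX_ACTIVE_PER_USER mails per expiry window.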
Paul Lautman wrote:
Colin McKinnon wrote:
AlexVN wrote:
Katash,

Generally, when passwords are stored as hashes, the "retrieve
password" option is logically impossible. The "Reset password"
option is used instead, where the new password is mailed to the user
in case he forgets the password.


But bear in mind that, if trivially implemented, this *changes* the
password and can therefore be used as a DOS attack against the user.

A better method is:

In the database have columns for an old and new password for each
customer.

When the customer logs in (presenting userpass), if the new password
is blank, compare userpass with old password to determine access.
If the new password is not blank, compare new password with userpass
- if they match, set old password = new password, and new password =
null.

If the new password is not blank and does not match userpass, compare
userpass with the old password. If it matches then leave the new
password as it is.

If a request comes for a new password, calculate the new password for
the user, update the new password in the database, and send out the
old password.

HTH

C.


What is the point of the new password field if the user never gets to find
out what the new password is?


Doh! Last paragraph should read:

If a request comes for a new password, calculate the new password for
the user, update the new password in the database, and send the unencrypted
new password to the user.

(The point being that if person B claims to be person A and asks for a new
password, person A can log in using either their old (legitimate) password
or the unsolicited one which is subsequently mailed out to them).

C.

Jun 16 '06 #9
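Colin's old/new password scheme from post #3, with the last paragraph as corrected in post #9, written out as an added PHP example (not Colin's code). The two database columns are represented by an in-memory array so the script runs stand-alone; both slots hold password_hash() hashes rather than md5, and the replacement password is generated from the OS random source. Names such as makeUser and requestReset are the example's own.

```php
<?php
declare(strict_types=1);
// Added example, not from the thread: Colin's two-slot password scheme.
// 'old' holds the hash of the password the user knows; 'new' holds the hash
// of an unsolicited replacement, or null when no reset is pending.

function makeUser(string $password): array
{
    return ['old' => password_hash($password, PASSWORD_DEFAULT), 'new' => null];
}

// "Forgot password" request: generate a replacement, keep only its hash in the
// 'new' slot and return the plaintext for the mailer. 'old' is left untouched,
// so a request made by someone else cannot lock the real user out.
function requestReset(array &$user): string
{
    $plain = bin2hex(random_bytes(6)); // 12 hex characters from the OS CSPRNG
    $user['new'] = password_hash($plain, PASSWORD_DEFAULT);
    return $plain;
}

// Login decision, following Colin's rules:
//  - no pending reset: check userpass against 'old';
//  - pending reset and userpass matches 'new': promote new to old, clear new;
//  - pending reset but userpass matches 'old': accept, leave 'new' pending.
function login(array &$user, string $userpass): bool
{
    if ($user['new'] !== null && password_verify($userpass, $user['new'])) {
        $user['old'] = $user['new'];
        $user['new'] = null;
        return true;
    }
    return password_verify($userpass, $user['old']);
}

// Constructed walkthrough of the scenario in post #9: someone requests a reset
// for A's account; A can still use the legitimate password, or the mailed one.
$alice  = makeUser('correct horse');
$mailed = requestReset($alice); // this plaintext goes to A's e-mail address

echo 'A logs in with the old password while a reset is pending: ';
echo login($alice, 'correct horse') ? "accepted\n" : "rejected\n";
echo 'A logs in with the mailed replacement: ';
echo login($alice, $mailed) ? "accepted\n" : "rejected\n";
echo 'Old password after the replacement was promoted: ';
echo login($alice, 'correct horse') ? "accepted\n" : "rejected\n";
echo 'Mailed replacement used a second time: ';
echo login($alice, $mailed) ? "accepted\n" : "rejected\n";
```

The first two logins are accepted; after the promotion the old password is rejected and the replacement now sits in the 'old' slot, so it keeps working as the user's password. As Colin describes it, the pending 'new' slot has no expiry, so a replacement that was mailed to an attacker-chosen address stays valid until the real user either uses it or a later request overwrites it; adding an expiry timestamp to the slot, along the lines of Gordon's list in post #8, closes that window.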
