PHP, Md5, and password retreival forms..

cu*******@gmail.com schreef:

I have designed a site that requires users to login. Me being new to
php, I hired a guy to help me setup the database. He set it up and it
works flawlessly. Well.. instead of helping me finish the project, he
has pretty much dissapeared.

Looking at the code, the passwords are stored using Md5 encryption in
the database. I was able to get a password retrieval form working,
but its sending the passwords encrypted.

Can they be retrieved unencrypted via form?

No

You need to reset the password.

--
Arjen
http://www.hondenpage.com

On 29 Mar, 15:56, custom...@gmail.com wrote:

I have designed a site that requires users to login. Me being new to
php, I hired a guy to help me setup the database. He set it up and it
works flawlessly. Well.. instead of helping me finish the project, he
has pretty much dissapeared.

Looking at the code, the passwords are stored using Md5 encryption in
the database. I was able to get a password retrieval form working,
but its sending the passwords encrypted.

Can they be retrieved unencrypted via form?

if you mean, can you get the users to post their passwords from the
form so that you can see them, and still authenticate them, the answer
is yes (if you fiddle with the form) but you should leave it just as
it is!
The last reply (Arjen) was spot on, you shouldnt have to know what
your users passwords are, just reset them, that's all they need. The
way the form is set up _probably_ (we can't really tell cos you didn't
provide a URL) means that it is logging them in securely without SSL,
if you fiddle with this, you will be increasing the surface area of
attack for your site.

If you meant anything else, the answer is _probably_ no.

On Mar 29, 10:23 am, Floortje <l...@zingmaarmetmijmee.enelwrote:

custom...@gmail.com schreef:

I have designed a site that requires users to login. Me being new to
php, I hired a guy to help me setup the database. He set it up and it
works flawlessly. Well.. instead of helping me finish the project, he
has pretty much dissapeared.

Looking at the code, the passwords are stored using Md5 encryption in
the database. I was able to get a password retrieval form working,
but its sending the passwords encrypted.

Can they be retrieved unencrypted via form?

No

You need to reset the password.

--
Arjenhttp://www.hondenpage.com

Thanks! Allthe work I put into it did me no good, but keeps me from
continuing on the wrong path.

I appreciate the response.

On 29 Mar, 17:13, custom...@gmail.com wrote:

On Mar 29, 10:23 am, Floortje <l...@zingmaarmetmijmee.enelwrote:

custom...@gmail.com schreef:

I have designed a site that requires users to login. Me being new to
php, I hired a guy to help me setup the database. He set it up and it
works flawlessly. Well.. instead of helping me finish the project, he
has pretty much dissapeared.

Looking at the code, the passwords are stored using Md5 encryption in
the database. I was able to get a password retrieval form working,
but its sending the passwords encrypted.

Can they be retrieved unencrypted via form?

No

You need to reset the password.

--
Arjenhttp://www.hondenpage.com

Thanks! Allthe work I put into it did me no good, but keeps me from
continuing on the wrong path.

I appreciate the response.

This has ben said here before, but it isn't possible without SSL or a
js implementation of assymmetic encryption to /change/ the password.
Because hashes are one way it is not possible to let either party see
something that cannot be sniffed along the way. However using email
has similar difficulties due to its inherent insecurity, but it can be
made secure if the user gets their email using SSL webmail or secure
pop.

When a user wishes to change their password, first they must proove to
your system that they know a little bit about the user whose password
they wish to change, so asking an email address and user is OK, but
not great. Then your server needs to find those two in the same row of
the database - which is why you ask for it on signup - and set a
random string in the "reset" column of the same row perhaps, and send
an email to that user "someone probably you has requested to reset
your password" click here if you wish this, or don't do anything.
The nere link is of the form
<a href="https://server.com/pass_reset.php?id=random_string">here</a>
the script looks up the random string, and knows which password to
reset, the markup for pass_reset.php is just a form asking for the new
password twice, and a hint which can be stored in a new "hint" column
of the same table. this is done over SSL so it's secure, the server
then md5 or sha1(password) and the thing is stored against the random
string row. An email can then be sent as confirmation, together with
the hint.
It's not great, in fact this is a _whole_ area but this follows the
model of a lot of forums, it's a good trade off between inconvenience
and security, like not posting armed guards at hospitals, or swimming
with iron underwear in a zone where sharks are sometimes seen.