[thelist] hashing stored passwords (revisited)

Jeff Howden jeff at jeffhowden.com
Wed Jun 25 15:27:14 CDT 2003


ted,

><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
> From: ted serbinski
>
> The only question I have with hashing a password is,
> what if a user forgets his/her password?
><><><><><><><><><><><><><><><><><><><><><><><><><><><><><

simple.  just generate a new, random password, hash it, and stuff it in the
database.  take this newly created password and email it to the email
account on record.  give them a lookup by both username and email address.
make sure to constrain accounts so there are no duplicates of either.

.jeff

——————————————————————————————————————————————————————
Jeff Howden - Web Application Specialist
Résumé - http://jeffhowden.com/about/resume/
Code Library - http://evolt.jeffhowden.com/jeff/code/




More information about the thelist mailing list