Re: Rehased password field value

Mon, 06 Oct 2008 22:26:52 -0700 

Thanks a lot Martin for guiding me!

On Oct 6, 6:44 pm, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
> Hi bookme,
> The point of hashing data like passwords is that it can't be returned
> to its original form. (except for brute hacking)
> There is no way to "un-hash" the password.
>
> I don't think I have ever filled out a form where the password was
> kept when a validation error re-displayed the form.
> It is a small sacrifice on the part of the user to have to re-enter a
> password field compared to the security benefits. If you never ever
> put a password (hashed or not) into a view, your application will
> never be able to accidentally provide a hacker with free pass.
>
> /Martin
>
> On Oct 6, 3:18 pm, bookme <[EMAIL PROTECTED]> wrote:
>
> > Hi,
> > I am working on Signup action in users controller using Auth
> > component.
> > signup.ctp file includes username, password, password2(confirm
> > password).
>
> > <label for="UserUsername" class="usernamelabel"><span>Username</span></
> > label>
> > <?php e($form->text('username', array('class' => 'fullwidth'))); ?>
> > <label for="UserPassword" class="passwordlabel"><span>Password</span></
> > label>
> > <?php e($form->password('password', array('class' => 'fullwidth'))); ?
>
> > <label for="UserPasswordRepeat"
> > class="passwordrepeatlabel"><span>Confirm Password</span></label>
> > <?php e($form->password('password2', array('class' => 'fullwidth'))); ?
>
> > Using "passwordSimilar"  in user model, I am verifying username,
> > password and password2.
> > problem is that when either both password is not same or user did not
> > enter username then value of password is hash value in it's
> > corresponding text box.
>
> > How can I show actual password value in text box instead of hash
> > value ?
> > My mean to say..How can Irehashedpassword field value ?
>
> > Thanks
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to