There are other better solutions :) But my hope is to discourage another from doing far worse.
MM On Fri, Feb 4, 2011 at 6:35 AM, AD7six <[email protected]> wrote: > > > On Feb 4, 12:21 pm, Matt Murphy <[email protected]> wrote: > > It is never necessary to decrypt a password -- both from a technical > > standpoint and from a security standpoint. If you need to check an > entered > > password vs the stored has, you hash the entered password and compare > with > > the stored hash. If your user forgets theirs, simply generate a new one, > > email it to them > > FWIW that's a hideous practice. don't mail passwords. > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > [email protected]<cake-php%[email protected]>For > more options, visit this group at > http://groups.google.com/group/cake-php > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
