>1) is this the best way to do it? Yes
>2) can anyone advice on the best hashing algorithm to use, or any advice on this matter? SHA-512 is the strongest hash offered natively in CF7. >Also can anyone provide me with a very short piece of code to show me how to hash the password? hash(password) For the slightly longer CF7 version with the strongest hash: hash(password,"SHA-512") >3) seeing as we only have the hashed version of the password what happens if the user has forgotten their password? - do we have to reset their password to one that we know, get them to log on with it, and then ask them to change their password once they have logged on? Yes. You can send them a new, automatically generated password via email, for example, if they have a confirmed email address. On 12/20/06, Richard White <[EMAIL PROTECTED]> wrote: > Hi, i am just working on creating user accounts and would like some advice in > regard to the password. > > from what i have read i take it that the best way to deal with passwords is > to only save the hashed version of the users password in the database. Then > when the user attempts to log on, we take the password that they entered, > hash it, and then compare it to the hashed version in the database. > > I just have a few questions: > > 1) is this the best way to do it? > > 2) can anyone advice on the best hashing algorithm to use, or any advice on > this matter? Also can anyone provide me with a very short piece of code to > show me how to hash the password? > > 3) seeing as we only have the hashed version of the password what happens if > the user has forgotten their password? - do we have to reset their password > to one that we know, get them to log on with it, and then ask them to change > their password once they have logged on? > > thanks very much for any help anyone can provide > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:264564 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
