Ok, here's how I do it: 1. User clicks the lost password page: 2. Email is sent to user's registered email address. Email contains a url to the newpassword page and has a validation code. This validation code is also stored in the userinfo table (it's the MD5 of current date + time + random chars). 3. User clicks link and is taken to page. 4. If the supplied validation code checks out, the user gets to pick a new password there and then. 5. If the user didn't want to change the password (i.e.. the abuse scenario you talked of) they simply ignore the email - no change occurs.
So : The passwords can be encrypted in the database. The system is difficult to abuse. Passwords are never sent out over email. User gets to choose own password. Well it works for me anyway :) HTH Danny. ----- Original Message ----- From: "Monty" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, July 29, 2002 10:30 PM Subject: [PHP] Encrypting Passwords - Is it really necessary?? > Is it really necessary to store passwords encrypted in a mySQL DB for a > membership site if you're not storing sensitive info such as credit card > numbers? How much security does that offer, really, and for whom? > > The reason I ask is because I'm trying to implement a "forgot password" > feature on a membership site. But if I store passwords encrypted, I can't > just send the password to their e-mail address, I have to generate a new one > before sending it, which essentially locks that member out of the site until > they get their new password. This has the potential to be abused by a > vindictive person. All they need to know is the member's username or e-mail > address and they can keep re-generating new passwords (locking the member > out of their own account) for a member to annoy them. > > If the password wasn't encrypted, I could just e-mail their existing > password. The only annoyance then would be someone sending this password > over and over to another user, but, at least they won't get 20 new passwords > and be locked out of their account as a result. > > If anyone else has dealt with this issue, I'd appreciate your insight. > > Thanks! > > Monty > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php