On Thu, Jun 24, 2010 at 9:17 AM, David Zhu <dzwestwindso...@gmail.com> wrote: > In authlogic, I set the password field to "crypted password" > > Is there a way to display a password, even if its "crypted"? What if > the user forgets the password and needs to recover it? How can I > recover a crypted password?
You don't "recover" it. You reset it. User types in username, clicks "reset password". You lookup email address of user in DB and email them a link with a secret token which allows them to choose a new password. The secret token is kinda like a one-time-password which only lets them change their password. You've prolly seen this sort of thing with many websites? -- Aaron Turner http://synfin.net/ Twitter: @synfinatic http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin "carpe diem quam minimum credula postero" -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-t...@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
