: Wednesday, 20 November 2002 1:01 AM
To: 'Jeremy Wilson'; 'Jason Vincent'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Hi All,
I want to thank everyone for their suggestion.
A short term solution we're simply going to remove the username from
the email. This way if a hacker does obtain
:08 PM
To: 'Aaron Wolski'; 'Jason Vincent'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
$encrypted_string = md5(base64_encode($var.'secret key'));
Pass the user name or password to $var and place text in to replace the
words 'secret key'.
-Original Message-
From: Aaron Wolski
PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Well.
Its not what they want.. it what one of their clients want (very big
corporation with very unrealistic security standards - you'd think they
were NASA or something *grumble*)
Their thought is that someone could hack the received email, login
November 2002 7:12 AM
To: Aaron Wolski
Cc: 'Jason Vincent'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
At the time of the account setup, you'll have the unencrypted and
encrypted
password. Send the email before it gets encrypted.
Still, this is a little silly, since the email
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Check out this link:
http://www.pgpi.org/dev/
It is not exactly PHP material, but maybe if you wanted to contact
them ask them about supporting PHP you might get a response (i'd be
interested if you get a responce, as i think having that
Just thinking here..
PGP is not an option as it would mean EACH user being setup would need
the company's public key to decrypt. Not possible as they setup a few
hundred accounts each month.
Hmm.. anything else?
Argh :(
Aaron
-Original Message-
From: Aaron Wolski
Why email? If the Admin tool uses SSL, that is all you need.
Regards,
J
-Original Message-
From: Aaron Wolski [mailto:aaronjw;martekbiz.com]
Sent: Friday, November 15, 2002 11:39 AM
To: 'Aaron Wolski'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Just thinking here
Wolski'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Just thinking here..
PGP is not an option as it would mean EACH user being setup would need
the company's public key to decrypt. Not possible as they setup a few
hundred accounts each month.
Hmm.. anything else
]
Subject: RE: [PHP-DB] Email Encryption?
Why email? If the Admin tool uses SSL, that is all you need.
Regards,
J
-Original Message-
From: Aaron Wolski [mailto:aaronjw;martekbiz.com]
Sent: Friday, November 15, 2002 11:39 AM
To: 'Aaron Wolski'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB
*
-Original Message-
From: Aaron Wolski [mailto:aaronjw;martekbiz.com]
Sent: Friday, November 15, 2002 10:47 AM
To: 'Hutchins, Richard'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
The user account is setup via the Admin util.
The details are emailed to the account holder
is supposed to simplify their lives not
complicate :(
Aaron
-Original Message-
From: Cal Evans [mailto:cal;calevans.com]
Sent: November 15, 2002 11:54 AM
To: Aaron Wolski; 'Hutchins, Richard'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Instead of emailing them the login
it used in various
places.
-Original Message-
From: Aaron Wolski [mailto:aaronjw;martekbiz.com]
Sent: Friday, November 15, 2002 11:47 AM
To: 'Hutchins, Richard'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
The user account is setup via the Admin util.
The details
PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
The user account is setup via the Admin util.
The details are emailed to the account holder.
Profile and Login information are contained within.
Aaron
-Original Message-
From: Hutchins, Richard [mailto:Richard.Hutchins;GetingeCastle.com
() of
the app.
Thanks again.
Aaron
-Original Message-
From: Jason Vincent [mailto:jayv;nortelnetworks.com]
Sent: November 15, 2002 12:05 PM
To: Aaron Wolski; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
What I was getting it is, have the 'users' log into a secure
] Email Encryption?
Why email? If the Admin tool uses SSL, that is all you need.
Regards,
J
-Original Message-
From: Aaron Wolski [mailto:aaronjw;martekbiz.com]
Sent: Friday, November 15, 2002 11:39 AM
To: 'Aaron Wolski'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Just
Vincent'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Why not encrypt the password in the DB? If they lose their password, it
cannot be sent to them. They chose it, so it doesn't need to be sent to
them in their email. If they lose it, it is changed, and they have to
change it again
:EXCH]; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
My client is the one doing the setup of accounts.
How would the account holder know of his password before it got encrypted?
Hense the email.
Aaron
-Original Message-
From: Peter Beckman [mailto:beckman;purplecow.com
.
Aaron
-Original Message-
From: Peter Beckman [mailto:beckman;purplecow.com]
Sent: November 15, 2002 12:35 PM
To: Aaron Wolski
Cc: 'Jason Vincent'; [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Email Encryption?
Why not encrypt the password in the DB? If they lose their password
18 matches
Mail list logo