On Wednesday, November 18, 2009, at 09:05AM, "Jeremy Evans" <[email protected]> wrote:

> On Nov 18, 6:57 am, Scott LaBounty <[email protected]> wrote:
>> http://steamcode.blogspot.com/2009/11/forgot-password.html
>
> I'll admit to not reviewing the code in detail, because I think the basic design is flawed. You shouldn't be storing the user's passwords directly in the database; it's generally considered a security risk. You should be storing only password hashes in the database, preferably salted per user.
Jeremy beat me to it, but I still wanted to echo this advice. No application you write should ever store users' passwords. Too many people use the same password for most everything. If someone breaches your website or database, they may suddenly have access to someone's bank login. If you deal with any site that can email you your password, you should immediately ensure that your password to that site is unique and unimportant.

Plus, you're sending someone's password in plaintext in email back to them? That's both snoopable and (if they're not careful) a problem for anyone with access to their email or looking over their shoulder. A reset password action should not reset the password until you've confirmed that the person asking for it to be reset has received the email and confirmed that they did indeed want their password reset.

--
You received this message because you are subscribed to the Google Groups "sequel-talk" group. To post to this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/sequel-talk?hl=.
