On Wed, Jul 29, 2009 at 3:54 PM, oshells <oshe...@gmail.com> wrote:

> I used Abraham examples to implement OAuth into Elgg v0.9.2 (last
> version of an open source social network platform).
> It`s working as it should be, but I also made further thinking (if by
> any chance OAuth gets down) and  the first time users join our website
> they must complete a "one time" signup process, allowing us to have
> the missing parts from theyr account (email - any email they might
> choose) and also let them set theyr username/password .
> Now, even if theyr password is the same as for twitter it`s md5
> encripted and no-one, neither the admins can use it in a "non-right
> way".
You realize of course that MD5 is compromised and relatively worthless,
right? SHA512 baby.

- Andy Badera
- and...@badera.us
- Google me: http://www.google.com/search?q=andrew+badera
- This email is: [ ] bloggable [x] ask first [ ] private

Reply via email to