Login

Rhiannon · 03-05-2004, 07:08 AM

password encryption isnt that big of a deal. Only way someone can get the passwords is thru the database, which noone should have access to anyways except you. Just do as toonski and ado suggest by adding your own encrpytion. Calm down :roll:

na_th_an · 03-05-2004, 07:21 AM

He did not have a child, but he had a 9 months pregnant girl to care about. As I see it, Seph is not to blame of what's happening: I must've missed something, but he never claimed that his forum used encryption, so there is nothing to upbraid him. I suggest that you go and encrypt the passwords. Anyhow, decrypted passwords are harmless unless someone can crack into your database and see them.

Zack · 03-05-2004, 07:30 AM

Nobody's going to hack into the database. I suppose I am overreacting. =/

Rhiannon · 03-05-2004, 07:39 AM

You know, by posting on a public forum that the sephforum doesnt encrypt the passwords, you've exposed all sephforums to malicious people who have nothing else better to do that exploit people. Luckily most people are on hosts at datacenters with tight security.

This is something that should have been taken up privately with seph instead of chastising him here in public.

potato · 03-05-2004, 07:46 AM

$mySQLPass = crypt($registeredPass, $encodeString);
$result = mysql_query("INSERT INTO tablename password=".$mySQLPass." . . . whatever");
or use UPDATE tablename SET password= . . . whatever.

and then when checking, pseudo:
<INPUT TYPE="PASSWORD" NAME="loginPass">
$loginPass = crypt($loginPass, $encodeString);
if ($mySQLPass != $loginPass) {
// whatever happens when you provide wrong password
}

use php's encrypt as a quick fix

Fling-master · 03-05-2004, 08:11 AM

Quote:You know, by posting on a public forum that the sephforum doesnt encrypt the passwords, you've exposed all sephforums to malicious people who have nothing else better to do that exploit people. Luckily most people are on hosts at datacenters with tight security.

This is something that should have been taken up privately with seph instead of chastising him here in public.

Except of course that the forum code is freely available for anyone to poke holes in (why they would do that is beyond me). Tongue

relsoft · 03-05-2004, 12:14 PM

Quote:My family had to take care of my 2-month old cousin a few years back. The little thing didn't stop screaming and crying, and it couldn't even sit up and it pooped all the time... And this is after two months. A baby is a *huge* amount of work, and Seph's is only a few weeks old.

Tell me about it. :*)

adosorken · 03-05-2004, 05:37 PM

Quote:Nobody's going to hack into the database. I suppose I am overreacting. =/

Of course you're overreacting. Now calm down. Big Grin

Zack · 03-05-2004, 07:22 PM

I'm calm, I'm calm. :wink:
The only problem here I can see, is...you (Nek), Rhia, Rel, Fling, Potato, and Toonski aren't going to register.
Ah, well, I'll get the newbies. :wink:

KiZ · 03-05-2004, 09:07 PM

Why not? Zack... just add the MD5 function in to a couple of places, announce the changes, and hey presto everyone will be fine with signing up!

Login
Username:
Password:	Lost Password?
	Remember me