The forum of the forums
Welcome to the Official Support Forum of Forumotion!

To take full advantage of everything offered by our forum, please log in if you are already a member, or join our community if you've not yet.



Create a free forum like this one.

Password Security: Salt Hash

View previous topic View next topic Go down

Do you agree or disagree ?

60% 60% 
[ 3 ]
40% 40% 
[ 2 ]
 
Total Votes : 5

Password Security: Salt Hash

Post by SAA on March 15th 2016, 8:38 pm

When I made my account, I got an email with my username and password in plain text...

"Please do not forget your password as it has been encrypted in our database: we cannot retrieve it for you. However, if you forget your password, you can request a new one to an Administrator."

Hopefully, by encrypted, you mean Salted Hash. That being said, even if the email is sent before the password becomes hashed, there's still a large security risk as emails are not 100% secure. You want the length of time that a password is held unencrypted to be minimal.

http://plaintextoffenders.com/about/

SAA
New Member

Posts : 2
Reputation : 1
Language : English

http://saa953@gmail.com

Back to top Go down

Re: Password Security: Salt Hash

Post by SLGray on March 15th 2016, 9:59 pm

Is this suggestion for only the support forum or all forums?


When your topic has been solved, ensure you mark the topic solved.
Never post your email in public.


SLGray
Administrator
Administrator

Male Posts : 36735
Reputation : 2446
Language : English
Location : United States

http://ztwds.forumotion.com/

Back to top Go down

Re: Password Security: Salt Hash

Post by SAA on March 16th 2016, 1:04 am

All forums, especially for support because if support get's hacked, the rest might be screwed.

I'm kind of new here, so excuse me if I posted to the wrong sub forum.

I initially signed up at http://project-contingency.forumotion.com/. When I brought up this issue, I was told that Forumotion handles the account creation process. So, I came here. Since this is handled by Forumotion itself, I figured I should post this here. However, since this affects all forums, it seems that I posted in the wrong place. In that case, please move this thread to the appropriate sub-forum.

SAA
New Member

Posts : 2
Reputation : 1
Language : English

http://saa953@gmail.com

Back to top Go down

Re: Password Security: Salt Hash

Post by SLGray on March 16th 2016, 2:42 am

Move to the correct section.


When your topic has been solved, ensure you mark the topic solved.
Never post your email in public.


SLGray
Administrator
Administrator

Male Posts : 36735
Reputation : 2446
Language : English
Location : United States

http://ztwds.forumotion.com/

Back to top Go down

Re: Password Security: Salt Hash

Post by Niko on March 16th 2016, 9:53 am

Hello

I must admit this is strange.. when you create a forum the password is not displayed (you see "use the password you have chosen" instead)... but with accounts creation..

I really don't know Razz

Niko
Hyperactive

Male Posts : 2298
Reputation : 97
Language : English, French, Italian, Spanish, Latin

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum