Re: Testing

new topic     » goto parent     » topic index » view thread      » older message » newer message
  • Posted by jeremy (admin) Oct 02, 2008
  • 1332 views

Bernie,

I think you are in the far minority about liking the old method. Your password is stored in not just a md5 hash of itself, but with other items as well such as a system hash, the time/date you signed up as well as your user code. I'd venture to say that to retrieve your password from EuForum is down right impossible. No one here can retrieve it, not even admins of the box... When you login, the login system can't even figure out your stored password. It has to recreate the md5 has and then compare the two hashes together to see if it's a match.

Now, are you speaking of "Remember Me" ? That again, does not store your password at all. Again, EuForum does not have your password, it has a very contrived hash of your password and even that has is not stored in the cookie generated.

Your account is quite safe here. Now, if you choose "Remember Me" on a public computer, say at a library, and someone goes to the Open Euphoria page, they will have access to post messages as you. Thus, you should never use any remember me option while using a public computer. The same is true for Yahoo Mail, Google Mail and any other system that has a remember me option.

Jeremy

new topic     » goto parent     » topic index » view thread      » older message » newer message

Search



Quick Links

User menu

Not signed in.

Misc Menu