Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
TAd
Worker
Worker


Joined: Oct 11, 2004
Posts: 123
Location: Oregon, USA

PostPosted: Sun Mar 20, 2011 3:19 pm Reply with quote

With regard to the creation of passwords/passkey, I like to see user details to aid in the creation of the stored passkey. For example, password and UserEmail (as salt) encrypted is a stored encrypted passkey. It would be unlikely to have 2 users who have the same password and email. Later if the email is changed, you could force a new password entry as well.

I think the security issues I have seen with regard to passwords is more along the lines of a very weak password, and not the way it was stored. A built in password generation would be a nice little feature. Forcing the use of stronger passwords would also be nice. Little Johny can have the best system on the backend, but if he uses aaa as a password, well... Little Johny will most likely be trying to sell pharmaceuticals Rolling Eyes.
 
View user's profile Send private message Yahoo Messenger
duck
Involved
Involved


Joined: Jul 03, 2006
Posts: 273

PostPosted: Sun Mar 20, 2011 3:48 pm Reply with quote

Eventually I would probably like to add individual unique salts which then have to be stored in table with users but as is what I have done should beef up security ten fold anyway.
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©