Help With Register Dialog.
#1

>>Removed Due To Second Thoughts<<
Reply
#2

Well the reason there is quite simple, you should be storing it as a string, not an integer.

pawn Код:
dini_Set(file,"Password", inputtext);
Although I would like to stress that storing non-hashed passwords is a serious security flaw, your players would not be happy about their password being stored in plain text for anyone with access to use. With this said, udb_hash (Adler32) is not a reliable hashing method. You should use a method such as Whirlpool.
Reply
#3

I understand. I will revert back to use "udb hash". I thought it would be quite a simple way of helping people if they had forgotten their passwords ingame.
Reply
#4

If people forget their password, you don't send it back to them, because you shouldn't be able to. Have you ever seen a decent site with a password recovery function that actually sends back your real password?

Simply because they shouldn't be able to since it's hashed, they always either generate a new one and send you that, or else make you set a new one yourself. If you want to reset people's passwords, just generate a new one for them, hash it and store it in their file.
Reply
#5

Quote:
Originally Posted by JaTochNietDan
Посмотреть сообщение
If people forget their password, you don't send it back to them, because you shouldn't be able to. Have you ever seen a decent site with a password recovery function that actually sends back your real password?

Simply because they shouldn't be able to since it's hashed, they always either generate a new one and send you that, or else make you set a new one yourself. If you want to reset people's passwords, just generate a new one for them, hash it and store it in their file.
Kk thankyou for the advise!
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)