Better way of resetting lost password

Page 1 of 1

4 Replies - 265 Views - Last Post: 12 September 2012 - 11:31 AM Rate Topic: -----

#1 laytonsdad  Icon User is offline

  • D.I.C Regular

Reputation: 62
  • View blog
  • Posts: 380
  • Joined: 30-April 10

Better way of resetting lost password

Posted 11 September 2012 - 04:43 PM

I am working out how to allow registered users who have forgot their password to change it.

Here is a diagram of what I think would work but I need some advise on if it is a good practice to do it this way.
Is This A Good Question/Topic? 0
  • +

Replies To: Better way of resetting lost password

#2 creativecoding  Icon User is online

  • Hash != Encryption
  • member icon


Reputation: 786
  • View blog
  • Posts: 2,972
  • Joined: 19-January 10

Re: Better way of resetting lost password

Posted 11 September 2012 - 04:49 PM

yeah that way works. Don't use encryption though, use hashing.
Was This Post Helpful? 0
  • +
  • -

#3 laytonsdad  Icon User is offline

  • D.I.C Regular

Reputation: 62
  • View blog
  • Posts: 380
  • Joined: 30-April 10

Re: Better way of resetting lost password

Posted 11 September 2012 - 04:51 PM

View Postcreativecoding, on 11 September 2012 - 04:49 PM, said:

yeah that way works. Don't use encryption though, use hashing.

When you say use hashing versus encryption what do you mean? I usually use sha1 is this a bad habit?

This post has been edited by laytonsdad: 11 September 2012 - 04:53 PM

Was This Post Helpful? 0
  • +
  • -

#4 creativecoding  Icon User is online

  • Hash != Encryption
  • member icon


Reputation: 786
  • View blog
  • Posts: 2,972
  • Joined: 19-January 10

Re: Better way of resetting lost password

Posted 11 September 2012 - 06:08 PM

*
POPULAR

Encryption and hashing are two different things. Encryption can be unencrypted. Hashes cannot.Things that are the same will have the same hash (much like encryption). sha1 is hashing, not encrypting. See my member title. And yes, sha1 should be enough but I usually use sha512.

This post has been edited by creativecoding: 11 September 2012 - 06:09 PM

Was This Post Helpful? 5
  • +
  • -

#5 laytonsdad  Icon User is offline

  • D.I.C Regular

Reputation: 62
  • View blog
  • Posts: 380
  • Joined: 30-April 10

Re: Better way of resetting lost password

Posted 12 September 2012 - 11:31 AM

View Postcreativecoding, on 11 September 2012 - 06:08 PM, said:

Encryption and hashing are two different things.

I will remember this, I meant hashing when I wrote encryption.
Was This Post Helpful? 0
  • +
  • -
Page 1 of 1