in reply to User Editor Page and clear text passwords

Irrespective of how safe or unsafe the current situation is, I agree with you on this one thing: there's absolutely no reason whatsoever for the two password fields to contain anything. The scheme on form submission should just be as follows:

Re^2: User Editor Page and clear text passwords (do it)
by tye (Sage) on Feb 16, 2004 at 02:13 UTC

    I was going to say that there should be three fields: old password and new password twice. That way stealing a cookie wouldn't allow you to change the victim's password (without an additional cracking step).

    However, I don't want to increase administrative requests because of people who have forgotten their password but still have a cookie.

    Perhaps we could do that after we add a 'password reminder' question and answer for each user...

    But I think the change to special-case empty password fields (and to not pre-fill those fields) would be a pretty simple change.

    - tye        

      I was going to say that there should be three fields: old password and new password twice. That way stealing a cookie wouldn't allow you to change the victim's password (without an additional cracking step).
      You could tackle that the other way around. You do have everybody's email address from the time when they requested a user account, don't you? Granted, it's possible that address is no longer valid, but that aside...

      What I'm thinking of, is to send a mail to this address whenever the password is changed, with the new password. That way, the original author can always steal his own account back.

Re: Re: User Editor Page and clear text passwords
by demerphq (Chancellor) on Feb 15, 2004 at 22:12 UTC

    Yes yes, it's true. Alas, it ain't quite so simple. Or t'would already be done m'man.


    ---
    demerphq

      First they ignore you, then they laugh at you, then they fight you, then you win.
      -- Gandhi


      At least not pre-filling the password box is a simple step. How hard IS that? I mean that most literally, not sarcastically. What's the work that is involved beyond checking if the password fields are not nil and match?

      How easy would it be to put a disclaimer near the password box?


      Play that funky music white boy..

        Ah, the way I see it is that these things are handled automatically. So what you are talking about is providing special case behaviour for a single field in the user object. It's possible, sure, but it's not straightforward. It's definitely not a whip-out-a-patch-in-30-minutes (or 2 minutes, for that matter) job that it might be in some scenarios. Yes, I personally as a pmdever will look into it; no, I did not see a clean and obvious patch to do it when I first looked after reading your node.


        ---
        demerphq

          First they ignore you, then they laugh at you, then they fight you, then you win.
          -- Gandhi
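The two concrete proposals in the thread are tye's three-field scheme (old password plus the new password twice, so a stolen cookie alone is not enough to change the password) and the suggestion to special-case empty password fields and never pre-fill them in the editor. The following is an added example written for this page, not code from PerlMonks or the Everything engine; it is written in Python rather than Perl for readability, and the user record, the field names `old_password`/`new_password`/`new_password_again`, the PBKDF2 storage format and the `handle_password_change` return strings are all assumptions made for the illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed storage format for this example: pbkdf2_sha256$<iterations>$<salt hex>$<dk hex>.
PBKDF2_ITERATIONS = 200_000

# Form fields that must never be pre-filled from the stored record (assumed names).
PASSWORD_FIELDS = ("old_password", "new_password", "new_password_again")


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Derive a salted PBKDF2-HMAC-SHA256 hash; only the hash is ever stored."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        algo, iters, salt_hex, dk_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(dk.hex(), dk_hex)


def user_editor_fields(user: dict) -> dict:
    """Values the editor form is rendered with.

    Every stored attribute is pre-filled except the password: the hash is not
    exposed at all, and the three password inputs are always rendered empty.
    """
    fields = {k: v for k, v in user.items() if k != "password_hash"}
    for name in PASSWORD_FIELDS:
        fields[name] = ""
    return fields


def handle_password_change(user: dict, form: dict) -> str:
    """Apply the password part of a user-editor submission.

    Empty new-password fields are the special case meaning "leave it alone",
    so ordinary profile edits never touch the password. A change requires the
    two new values to match and the old password to verify, which is what
    stops someone holding only a stolen session cookie from taking the account.
    """
    old = form.get("old_password", "")
    new1 = form.get("new_password", "")
    new2 = form.get("new_password_again", "")

    if new1 == "" and new2 == "":
        return "unchanged"
    if new1 != new2:
        return "error: new passwords do not match"
    if not verify_password(old, user["password_hash"]):
        # Covers a missing old password as well as a wrong one.
        return "error: old password incorrect"

    user["password_hash"] = hash_password(new1)
    return "changed"


if __name__ == "__main__":
    # Constructed sample record, not real site data.
    monk = {"username": "monk", "email": "monk@example.invalid",
            "password_hash": hash_password("correct horse")}
    print(user_editor_fields(monk))
    print(handle_password_change(monk, {"old_password": "", "new_password": "",
                                        "new_password_again": ""}))
    print(handle_password_change(monk, {"old_password": "wrong", "new_password": "x",
                                        "new_password_again": "x"}))
    print(handle_password_change(monk, {"old_password": "correct horse",
                                        "new_password": "x", "new_password_again": "x"}))
```

The rendering side and the submission side are deliberately separate functions: the first guarantees the page never carries a password (or hash) down to the browser, the second guarantees a blank submission is a no-op and a non-blank one is gated on the old password. Which of the two checks (mismatch or old-password) runs first is a usability choice; neither ordering leaks whether the old password was right before the form is otherwise valid.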