comment on

Being able to recover a user's password would mean that there would need to be a "secret key" for the "right people" to be able to decrypt it. This opens yet another possible security hole. The preferred way of doing things is simply giving the "right people" the power to change any user's password. That way, if a user loses his/her password, they can have it reset to something known.

Most password-protected web pages out there evidently store the passwords in clear text, since they are able to mail it to you if you lose it. Although convenient, this is not necessarily secure. I think the best thing would be what comatose suggested, have the system generate a new random password and send it to the user. That way you don't have to store clear-text passwords.

In reply to RE: Thanks! by ZZamboni
in thread P@$$w0rd$ in perl? by skazat

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.