PDA

View Full Version : registration security


nighteyes
11-21-2004, 03:22 AM
I would like to see checks performed on registration that prevent a user from registering for a username with an identical password (i.e. username: bob password: bob). I would also like a batch script that goes through every account and alerts us to any account that is setup with a matching username and password.

Would anyone else find this useful? Anyone want to code up a quick hack?

Andreas
11-21-2004, 09:32 AM
Should be pretty easy to achieve and yes it sounds useful.

To find out which users already do have their username as password:

select username from user where password = md5(concat(md5(username), salt))