vb.org Archive
Page 4 of 7 « First 23 4 56 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)
-   -   [release vb2] Database Password Encryption (https://vborg.vbsupport.ru/showthread.php?t=18868)

rebby 06-05-2001 05:35 PM
Quote:
Originally posted by rebby
it now encrypts the password (like it should) however the bullet in the user cp does not reflect this...
never mind... i missed a block... :D sorry...

chrispadfield 06-10-2001 09:13 PM
Quote:
Originally posted by mrlister
plain text passwords is the only reason why i have to memorize so many different passwords for each vB i sign up with.
I know what you mean however even if the passwords are set as standard to be encrypted (and i am sure it will be an option anyway) you can't trust the person operating the VB as they could easily hack it not to use encrypted passwords. Any password you use should really be unique or there is a chance someone could use it.

Lord Satan 06-15-2001 07:09 AM
Am I to understand that anyone can see anyone's password without the encryption?

What other security holes are there in vBB?

chrispadfield 06-15-2001 07:14 AM
Quote:
Originally posted by Lord Satan
Am I to understand that anyone can see anyone's password without the encryption?

What other security holes are there in vBB?
clearly you don't understand. Only the admin can see anyone's (who has registered at their site's) password. Why would you expect any different. If you pass information to a site you have to expect them to be able to look at it if they want to.

and it is VB not vBB :)

rebby 06-15-2001 10:58 AM
Quote:
Originally posted by chrispadfield





clearly you don't understand. Only the admin can see anyone's (who has registered at their site's) password. Why would you expect any different. If you pass information to a site you have to expect them to be able to look at it if they want to.



and it is VB not vBB :)
actually that is not true. anybody w/access to the sql server can. if the server is comprimised... well, i won't point out the obvious....

atrl 06-21-2001 01:35 PM
Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' in /home/atrl/public_html/forums/member.php on line 139 is the error i get what do i do?

dabean 06-21-2001 03:32 PM
from the php manual "parse error, expecting `T_STRING' or `T_VARIABLE' ..." Generally that type of error is caused by the echo function, how ever as my code fragment doesn't use this particular function it is probibaly some other hack or modification you've made.

http://www.php.net/manual/en/function.echo.php Read the User Contributed Notes.

jmcneese 06-28-2001 08:21 AM
this is indeed very cool, and i have set it up on my site. one caveat, though.

should a user ever decide to go back to a non-encrypted password, this is not provided for. there of course is the option to select 'no' in the user template, but this has no effect on the stored password in the database. i may just be ignorant, but i don't know of a way to un-MD5 a password hash.

any ideas? otherwise i'll just change the template and remove the 'no' option for encrypted passwords, stating that it's an irreversable option.

thewitt 06-28-2001 10:23 AM
Though I have not looked at this particular hack, MD5 is a hashed-asymetric encryption that is not reversable.

You cannot take the MD5 hash and turn it back into the plain text password.

-t

rebby 06-28-2001 10:56 AM
Quote:
Originally posted by thewitt
Though I have not looked at this particular hack, MD5 is a hashed-asymetric encryption that is not reversable.

You cannot take the MD5 hash and turn it back into the plain text password.

-t
true... the only way to do this would be to prompt for the password, store it in a temporary variable, verify that it is correct, and then change the db if it is... you will have to use the temp var though cause like thewitt said you can't revert an md5 hash...


All times are GMT. The time now is 08:22 PM.
Page 4 of 7 « First 23 4 56 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01627 seconds
  • Memory Usage 1,738KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (5)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete