|
I know the passwords are encrypted in v2.2.0 but is there is anyway to have them shown in the admin control panel
I know there is a security risk but I think it's always good to have that option |
It's a MAJOR risk...
I had that enabled at my forum, then a hacker got in (thanks to one staff member's utter stupidity). EVERYONE had to change their passwords... repeatedly. It was not fun. |
You can't decrypt MD5-encrypted passwords
|
sure you can ;) just takes skill and time
|
md5 produces a 32 character string no matter what, so a book encryped in md5 will be 32 characters and the letter a encrpyted is 32 characters.
There is no way to undo this. |
i dont want to use MD5 encryption because i will be integrating another script along with vB, that calls the passwords from the user table. and this would make it so difficult.
|
yeah I know that there is a risk in having the passwords visible but I'm the only person who can enter the admin panel and I didnt have any problems for over 3 years since I started with UBB
and I know it's really hard to decrypt the MD5 encryption but I was hoping somebody will figure it out :) |
so you want a script to allow you to view passwords via CP, by decrypting the MD5-encrypted passwords on the DB? sorry man, aint NOBODY going to make this, if its at all POSSIBLE! best bet is to take out the encrypting alltogether before you can takle ANYTHING, sorry man, try www.elance.com for this one. your looking at $250 MIN.
|
It's not that hard to create an encryption that can be later decrypted, but using unique keys so no one will be able to decrypt an encrypted value. (without getting the keys and source code of the encryption, of course)
Btw, I *think* MD5() was already decrypted by someone, but I'm far from sure. And if anyone will be able to decrypt MD5 hashes with 100% success, trust me he won't be giving it to you. :) |
ok then I should forget this idea then :( but I think it was a good idea to give the users the option if they wanted to encrypt the passwords when upgrading
because the reason that keeping from upgrading to 2.2.0 is this thing because I get too many complains of new users that they cant login and things like that and I have to login using their accont to see the problem anyway I hope Jelsoft Enterprises will consider puting that option back to config file |
| All times are GMT. The time now is 08:19 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|