Thread: Resend a users password without resetting it to a new one
View Single Post
  #4  
Old 09-08-2007, 11:11 AM
Opserty Opserty is offline
 
Join Date: Apr 2007
Posts: 4,103
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
The whole point of the loops are there to stop people from accessing it who shouldn't be.

All good pieces of Internet software will NEVER send you your password directly in an email. Not only is it not sercure to save a plain text password in the database (say for example you give another admin access to your site, they can run a simple mysql to fetch all the password of the users and then maybe test them out with their email accounts to see if some users use the same password for both. If they do...voi-la they have access to users email accounts. Its unlikely but its an example of what can go wrong.

On the other end: say a someone (A) gains access to a users (B) email account, maybe they guessed their secret question, if B has archived their activation email in their inbox then (A) can see they have signed-up to your site, so they come to your site clicks the forgotten password link and an email is dispatched to inbox of B and A can read it...now they have a password they can go try it on all the sites they can see in the B's inbox. If they are "un-intelligent" enough to sign up to a site that stores passwords in plain text then they probably use they same password for everywhere else they are signed up to.

Both are rare situations but they are both plausible. From a personal point of view I would sign up to a site that has my password stored in plain text. (I test anything thats not vB for I add details )

There are probably more reasons too but those a just some quick ones I knocked together.
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02294 seconds
  • Memory Usage 1,762KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete